Hy everyone
I installed crowdsec in my ubuntu virtual machine with nginx and ssh .
. In another private network i have a kali Linux and i made thé scan to crowdsec machine with nikto and hydra for ssh. I see all in my log auth.log for ssh and accès.log for nginx but the crowdsec do nothing.
When i made cscli alerts list i see nothing.
Question . Crowdsec détect and alert if the attaque comming from a private network?
Thanks
Hey
Thanks for reaching out. Could you elaborate on what you have installed? Did you follow the install instructions? And did you install both the CrowdSec agent and a bouncer? If so, which bouncer and did you verify that the bouncer is properly registered with the agent?
Thanks!
Hello @Petre,
If you run cscli parsers list , does the parser crowdsecurity/whitelists is installed ?
If yes, this parser whitelist private IP address. So for your tests, you might want to delete it by running sudo cscli parsers remove crowdsecurity/whitelists (and reload crowdsec).
Hello everyone
Firstly thanks for thé reply
I made thé changé with thé parser whitelist and thé issue is solved.
Thanks