The readme plays a gif of " Out of the box detection" and bans ip. But after the installation there’ s a message saying it would not ban anything unless a bouncer is configured. My question is does it ban ssh IP after default installation?
Hello !
Crowdsec itself provides the detection mechanism, but the counter measures are provided by the bouncers. If you want to ban IPs from ssh for example, you would need to use a bouncer such as the cs-firewall-bouncer (that you can find on the hub : CrowdSec Console)
So to answer your question : “My question is does it ban ssh IP after default installation?” : No, you need to install a bouncer for this to happen. If you only install crowdsec, it will only “detect” the attacks.
1 Like