Crowdsec the next fail2ban generation

It’s power… is also it’s weakness.
This “db” crowd-created is “more rule” and so “more CPU power” used for retrieving, processing, checking and “let the buggers drop” when they try to connect.

On the other side, missing login/knocks on the server could save CPU power, but it’s a lot of balancing.

This might be useful for avoiding emerging botnets, well known buccaneers, but… buccaneers may be already available/stored into threatshield. Which is, in my humble opinion, the nice complement for Fail2ban.

Being dependent on Crowdsec means, for avoiding useless duplications, traffic and cpu-power consumption, complete removal of ThreadShield and Fail2ban.

This startup created a really interesting and well-saleable business plan.
Free product for gaining “antennas” for gathering data. AI development about analysis for create the “pro set”, which might be refined, smaller and weighted for have the biggest defense/load balance.
Costs? Few developers for creating the product (payed list), data centers for distributing the payed version and keeping syncing between “free antennas” for delivering the free-not-refined version, allowing lower data consumption on their infrastructure.

At least, by my perception. Maybe it will be a real gamechanger, but until now is a “nicer repack” of something known, with people trying to create a business about that.

2 Likes