Sunday, April 13, 2025

SOC Lab: CrowdSec // Part 5 // Walkthrough


CrowdSec uses behavior-based detection, which tracks suspicious activity (failed SSH logins, port scans, etc.), and can automatically block bad IPs. We will be installing CrowdSec on both of our Windows VMs (Workstation and Server).




Go to the CrowdSec website and create an account.



Go to GitHub and download the CrowdSec .msi file. Then run the file.





Finally, download CrowdSec on the Windows Workstation VM. 
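
One way to check the downloaded installer before running it on each VM, as an added example that is not part of the original walkthrough. The `.msi` path is a placeholder, the silent `msiexec` install stands in for double-clicking the file, and the `crowdsec*` service name pattern is an assumption.

```powershell
# Added example (not from the original post). Run in an elevated PowerShell session.
# $Msi is a placeholder: point it at the .msi you downloaded from GitHub.
$Msi = "$env:USERPROFILE\Downloads\crowdsec_<version>.msi"
# Optional: paste the SHA-256 printed on the first VM so the second VM
# can confirm it is installing the same file.
$KnownHash = ''
$Log = Join-Path $env:TEMP 'crowdsec-install.log'

if (-not (Test-Path -LiteralPath $Msi)) { throw "Installer not found: $Msi" }

# 1. Authenticode: stop if the file changed after signing, warn on any
#    other non-valid state so it can be reviewed before installing.
$sig = Get-AuthenticodeSignature -FilePath $Msi
switch ($sig.Status) {
    'Valid'        { "Signature valid, signer: $($sig.SignerCertificate.Subject)" }
    'HashMismatch' { throw 'File content does not match its signature; do not install.' }
    default        { Write-Warning "Signature status: $($sig.Status). Review before continuing." }
}

# 2. Record the hash and compare it with the one from the other VM, if given.
$hash = (Get-FileHash -LiteralPath $Msi -Algorithm SHA256).Hash
"SHA-256: $hash"
if ($KnownHash -and ($hash -ne $KnownHash.Trim())) {
    throw 'Hash differs from the one recorded on the other VM.'
}

# 3. Install silently and keep a verbose log for troubleshooting.
$p = Start-Process -FilePath msiexec.exe -Wait -PassThru -ArgumentList @(
    '/i', "`"$Msi`"", '/qn', '/norestart', '/l*v', "`"$Log`"")
if ($p.ExitCode -notin 0, 3010) { throw "msiexec exit code $($p.ExitCode); see $Log" }

# 4. Confirm a service was registered (name pattern is an assumption).
Get-Service -Name 'crowdsec*' | Format-Table Name, Status, StartType
```

Run it on the Server first, copy the printed SHA-256 into `$KnownHash`, then run it on the Workstation.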


 
