In this video, I am going to show you how to install CrowdSec, a popular open-source collaborative security tool, on your OPNsense firewall. I will also show you how to integrate CrowdSec with our already installed NAXSI WAF and use it to ban threat actors who repeatedly attempt injection attacks against our web applications.
Some topics that we will cover:
- Understanding how CrowdSec works.
- Creating and implementing a custom CrowdSec parser and scenario that extracts data from our NAXSI WAF logs.
- Modifying the CrowdSec profiles.yaml and setting up decisions and ban duration.
- Basic understanding of the CrowdSec command line tool.
So if you are ready to make your OPNsense firewall even more powerful and complete, jump straight into the video now! P.S. – Also, please don’t forget to like and subscribe!
Links used in video:
- https://github.com/ls111-cybersec/opnsense-crowdsec-naxsi-integration
- https://docs.crowdsec.net/docs/concepts