crowdsec on Kali Linux
Last updated: November 14,2023
1. Install crowdsec package
Please follow the instructions below to install crowdsec package:
sudo apt update
sudo apt install crowdsec
2. Uninstall / Remove crowdsec package
This guide let you learn how to uninstall crowdsec package:
sudo apt remove crowdsec
sudo apt autoclean && sudo apt autoremove
3. Details of crowdsec package
Package: crowdsec
Source: crowdsec (1.0.9-3)
Version: 1.0.9-3+b2
Installed-Size: 33993
Maintainer: Cyril Brulebois
Architecture: amd64
Depends: ca-certificates, libc6 (>= 2.34), libsqlite3-0 (>= 3.12.0)
Size: 9712184
SHA256: ee169737f811712c7c0f32f994d5a86dcb8a71be3b547ed7c82fb22cf76e6d42
SHA1: ec9d0949fde3cd099f9655049b824acd5d165bb8
MD5sum: 9ee178dd360050556e509791bf814304
Description: lightweight and collaborative security engine
CrowdSec is a lightweight security engine, able to detect and remedy
aggressive network behavior. It can leverage and also enrich a
global community-wide IP reputation database, to help fight online
cybersec aggressions in a collaborative manner.
.
CrowdSec can read many log sources, parse and also enrich them, in
order to detect specific scenarios, that usually represent malevolent
behavior. Parsers, Enrichers, and Scenarios are YAML files that can
be shared and downloaded through a specific Hub, as well as be created
or adapted locally.
.
Detection results are available for CrowdSec, its CLI tools and
bouncers via an HTTP API. Triggered scenarios lead to an alert, which
often results in a decision (e.g. IP banned for 4 hours) that can be
consumed by bouncers (software components enforcing a decision, such
as an iptables ban, an nginx lua script, or any custom user script).
.
The CLI allows users to deploy a Metabase Docker image to provide
simple-to-deploy dashboards of ongoing activity. The CrowdSec daemon
is also instrumented with Prometheus to provide observability.
.
CrowdSec can be used against live logs (“à la fail2ban”), but can
also work on cold logs to help, in a forensic context, to build an
analysis for past events.
.
On top of that, CrowdSec aims at sharing detection signals amongst
all participants, to pre-emptively allow users to block likely
attackers. To achieve this, minimal meta-information about the attack
is shared with the CrowdSec organization for further retribution.
.
Users can also decide not to take part into the collective effort via
the central API, but to register on a local API instead.
Description-md5: 7b42942378aab9e4affe682dd9fa1b39
Homepage: https://github.com/crowdsecurity/crowdsec
Built-Using: docker-registry (= 2.8.1+ds1-2), docker.io (= 20.10.17+dfsg1-1), go-md2man-v2 (= 2.0.2+ds1-1), golang-1.19 (= 1.19-1), golang-blackfriday-v2 (= 2.1.0-1), golang-fsnotify (= 1.5.4-1), golang-github-alecaivazis-survey (= 2.3.5+ds1-1), golang-github-antonmedv-expr (= 1.8.9-2), golang-github-appleboy-gin-jwt (= 2.6.4-2), golang-github-asaskevich-govalidator (= 9+git20180720.0.f9ffefc3-1.1), golang-github-beorn7-perks (= 1.0.1-1), golang-github-buger-jsonparser (= 1.1.1-2), golang-github-cespare-xxhash (= 2.1.1-2), golang-github-coreos-go-systemd (= 22.3.2-1), golang-github-davecgh-go-spew (= 1.1.1-3), golang-github-dghubble-sling (= 1.3.0-1), golang-github-dgrijalva-jwt-go (= 3.2.0-3), golang-github-docker-go-connections (= 0.4.0-3), golang-github-docker-go-units (= 0.4.0-4), golang-github-enescakir-emoji (= 1.0.0-2), golang-github-facebook-ent (= 0.5.4-3), golang-github-gin-contrib-sse (= 0.1.0-1), golang-github-gin-gonic-gin (= 1.6.3-4), golang-github-go-co-op-gocron (= 0.5.0-2), golang-github-go-openapi-analysis (= 0.21.2-1), golang-github-go-openapi-errors (= 0.20.2-1), golang-github-go-openapi-jsonpointer (= 1:0.19.5-3), golang-github-go-openapi-jsonreference (= 1:0.19.6-2), golang-github-go-openapi-loads (= 0.21.1-2), golang-github-go-openapi-spec (= 1:0.20.4-2), golang-github-go-openapi-strfmt (= 0.21.2-1), golang-github-go-openapi-swag (= 1:0.21.1-1), golang-github-go-openapi-validate (= 0.21.0-1), golang-github-go-playground-locales (= 0.14.0-2), golang-github-go-playground-universal-translator (= 0.17.0-2), golang-github-go-playground-validator-v10 (= 10.4.1-3), golang-github-go-sql-driver-mysql (= 1.5.0-1), golang-github-go-stack-stack (= 1.8.0-1), golang-github-google-go-querystring (= 1.1.0-1), golang-github-google-uuid (= 1.3.0-1), golang-github-goombaio-namegenerator (= 0.0.2-2), golang-github-hashicorp-go-version (= 1.3.0-1), golang-github-josharian-intern (= 1.0.0-3), golang-github-kballard-go-shellquote (= 0.0~git20180428.95032a8-1), golang-github-leodido-go-urn (= 1.2.1-2), golang-github-lib-pq (= 1.5.2-1), golang-github-logrusorgru-grokky (= 0.0~git20180829.47edf01-2), golang-github-mailru-easyjson (= 0.7.6-2), golang-github-mattn-go-colorable (= 0.1.12-1), golang-github-mattn-go-isatty (= 0.0.14-1), golang-github-mattn-go-runewidth (= 0.0.13-2), golang-github-mattn-go-sqlite3 (= 1.14.14~ds1-1), golang-github-mgutz-ansi (= 0.0~git20200706.d51e80e-1), golang-github-mitchellh-mapstructure (= 1.5.0-1), golang-github-mohae-deepcopy (= 0.0~git20170929.c48cc78-2), golang-github-nxadm-tail (= 1.4.5+ds1-4), golang-github-oklog-ulid (= 2.0.2+ds-2), golang-github-olekukonko-tablewriter (= 0.0.5-1), golang-github-opencontainers-go-digest (= 1.0.0-1), golang-github-opencontainers-image-spec (= 1.0.2+20211123.g43a7dee1ec31-2), golang-github-opennota-urlesc (= 0.0~git20160726.0.5bd2802-1.1), golang-github-oschwald-geoip2-golang (= 1.4.0-1), golang-github-oschwald-maxminddb-golang (= 1.8.0-1), golang-github-pkg-errors (= 0.9.1-2), golang-github-prometheus-client-golang (= 1.11.1-1), golang-github-prometheus-client-model (= 0.2.0-3), golang-github-prometheus-common (= 0.32.1-8), golang-github-prometheus-procfs (= 0.7.3-2), golang-github-prometheus-prom2json (= 1.3.0+ds1-2), golang-github-puerkitobio-purell (= 1.1.1-1), golang-github-rivo-uniseg (= 0.2.0-1), golang-github-spf13-cobra (= 1.4.0-2), golang-github-spf13-pflag (= 1.0.6~git20210604-d5e0c0615ace-1), golang-github-ugorji-go-codec (= 1.2.7-1), golang-go.crypto (= 1:0.0~git20220315.3147a52-1), golang-gogoprotobuf (= 1.3.2-1), golang-golang-x-mod (= 0.5.1-2), golang-golang-x-net (= 1:0.0+git20220728.c7608f3+dfsg-2), golang-golang-x-sys (= 0.0~git20220731.a90be44-1), golang-golang-x-term (= 0.0~git20220526.065cf7b-1), golang-golang-x-text (= 0.3.7-1), golang-gopkg-natefinch-lumberjack.v2 (= 2.1-2), golang-gopkg-tomb.v1 (= 0.0~git20141024.0.dd63297-7), golang-gopkg-tomb.v2 (= 0.0~git20161208.d5d1b58-3), golang-goprotobuf (= 1.3.4-2), golang-logrus (= 1.7.0-2), golang-mongodb-mongo-driver (= 1.8.4+ds1-2), golang-protobuf-extensions (= 1.0.1-1), golang-yaml.v2 (= 2.4.0-4)
Section: golang
Priority: optional
Filename: pool/main/c/crowdsec/crowdsec_1.0.9-3+b2_amd64.deb
Source: crowdsec (1.0.9-3)
Version: 1.0.9-3+b2
Installed-Size: 33993
Maintainer: Cyril Brulebois
Architecture: amd64
Depends: ca-certificates, libc6 (>= 2.34), libsqlite3-0 (>= 3.12.0)
Size: 9712184
SHA256: ee169737f811712c7c0f32f994d5a86dcb8a71be3b547ed7c82fb22cf76e6d42
SHA1: ec9d0949fde3cd099f9655049b824acd5d165bb8
MD5sum: 9ee178dd360050556e509791bf814304
Description: lightweight and collaborative security engine
CrowdSec is a lightweight security engine, able to detect and remedy
aggressive network behavior. It can leverage and also enrich a
global community-wide IP reputation database, to help fight online
cybersec aggressions in a collaborative manner.
.
CrowdSec can read many log sources, parse and also enrich them, in
order to detect specific scenarios, that usually represent malevolent
behavior. Parsers, Enrichers, and Scenarios are YAML files that can
be shared and downloaded through a specific Hub, as well as be created
or adapted locally.
.
Detection results are available for CrowdSec, its CLI tools and
bouncers via an HTTP API. Triggered scenarios lead to an alert, which
often results in a decision (e.g. IP banned for 4 hours) that can be
consumed by bouncers (software components enforcing a decision, such
as an iptables ban, an nginx lua script, or any custom user script).
.
The CLI allows users to deploy a Metabase Docker image to provide
simple-to-deploy dashboards of ongoing activity. The CrowdSec daemon
is also instrumented with Prometheus to provide observability.
.
CrowdSec can be used against live logs (“à la fail2ban”), but can
also work on cold logs to help, in a forensic context, to build an
analysis for past events.
.
On top of that, CrowdSec aims at sharing detection signals amongst
all participants, to pre-emptively allow users to block likely
attackers. To achieve this, minimal meta-information about the attack
is shared with the CrowdSec organization for further retribution.
.
Users can also decide not to take part into the collective effort via
the central API, but to register on a local API instead.
Description-md5: 7b42942378aab9e4affe682dd9fa1b39
Homepage: https://github.com/crowdsecurity/crowdsec
Built-Using: docker-registry (= 2.8.1+ds1-2), docker.io (= 20.10.17+dfsg1-1), go-md2man-v2 (= 2.0.2+ds1-1), golang-1.19 (= 1.19-1), golang-blackfriday-v2 (= 2.1.0-1), golang-fsnotify (= 1.5.4-1), golang-github-alecaivazis-survey (= 2.3.5+ds1-1), golang-github-antonmedv-expr (= 1.8.9-2), golang-github-appleboy-gin-jwt (= 2.6.4-2), golang-github-asaskevich-govalidator (= 9+git20180720.0.f9ffefc3-1.1), golang-github-beorn7-perks (= 1.0.1-1), golang-github-buger-jsonparser (= 1.1.1-2), golang-github-cespare-xxhash (= 2.1.1-2), golang-github-coreos-go-systemd (= 22.3.2-1), golang-github-davecgh-go-spew (= 1.1.1-3), golang-github-dghubble-sling (= 1.3.0-1), golang-github-dgrijalva-jwt-go (= 3.2.0-3), golang-github-docker-go-connections (= 0.4.0-3), golang-github-docker-go-units (= 0.4.0-4), golang-github-enescakir-emoji (= 1.0.0-2), golang-github-facebook-ent (= 0.5.4-3), golang-github-gin-contrib-sse (= 0.1.0-1), golang-github-gin-gonic-gin (= 1.6.3-4), golang-github-go-co-op-gocron (= 0.5.0-2), golang-github-go-openapi-analysis (= 0.21.2-1), golang-github-go-openapi-errors (= 0.20.2-1), golang-github-go-openapi-jsonpointer (= 1:0.19.5-3), golang-github-go-openapi-jsonreference (= 1:0.19.6-2), golang-github-go-openapi-loads (= 0.21.1-2), golang-github-go-openapi-spec (= 1:0.20.4-2), golang-github-go-openapi-strfmt (= 0.21.2-1), golang-github-go-openapi-swag (= 1:0.21.1-1), golang-github-go-openapi-validate (= 0.21.0-1), golang-github-go-playground-locales (= 0.14.0-2), golang-github-go-playground-universal-translator (= 0.17.0-2), golang-github-go-playground-validator-v10 (= 10.4.1-3), golang-github-go-sql-driver-mysql (= 1.5.0-1), golang-github-go-stack-stack (= 1.8.0-1), golang-github-google-go-querystring (= 1.1.0-1), golang-github-google-uuid (= 1.3.0-1), golang-github-goombaio-namegenerator (= 0.0.2-2), golang-github-hashicorp-go-version (= 1.3.0-1), golang-github-josharian-intern (= 1.0.0-3), golang-github-kballard-go-shellquote (= 0.0~git20180428.95032a8-1), golang-github-leodido-go-urn (= 1.2.1-2), golang-github-lib-pq (= 1.5.2-1), golang-github-logrusorgru-grokky (= 0.0~git20180829.47edf01-2), golang-github-mailru-easyjson (= 0.7.6-2), golang-github-mattn-go-colorable (= 0.1.12-1), golang-github-mattn-go-isatty (= 0.0.14-1), golang-github-mattn-go-runewidth (= 0.0.13-2), golang-github-mattn-go-sqlite3 (= 1.14.14~ds1-1), golang-github-mgutz-ansi (= 0.0~git20200706.d51e80e-1), golang-github-mitchellh-mapstructure (= 1.5.0-1), golang-github-mohae-deepcopy (= 0.0~git20170929.c48cc78-2), golang-github-nxadm-tail (= 1.4.5+ds1-4), golang-github-oklog-ulid (= 2.0.2+ds-2), golang-github-olekukonko-tablewriter (= 0.0.5-1), golang-github-opencontainers-go-digest (= 1.0.0-1), golang-github-opencontainers-image-spec (= 1.0.2+20211123.g43a7dee1ec31-2), golang-github-opennota-urlesc (= 0.0~git20160726.0.5bd2802-1.1), golang-github-oschwald-geoip2-golang (= 1.4.0-1), golang-github-oschwald-maxminddb-golang (= 1.8.0-1), golang-github-pkg-errors (= 0.9.1-2), golang-github-prometheus-client-golang (= 1.11.1-1), golang-github-prometheus-client-model (= 0.2.0-3), golang-github-prometheus-common (= 0.32.1-8), golang-github-prometheus-procfs (= 0.7.3-2), golang-github-prometheus-prom2json (= 1.3.0+ds1-2), golang-github-puerkitobio-purell (= 1.1.1-1), golang-github-rivo-uniseg (= 0.2.0-1), golang-github-spf13-cobra (= 1.4.0-2), golang-github-spf13-pflag (= 1.0.6~git20210604-d5e0c0615ace-1), golang-github-ugorji-go-codec (= 1.2.7-1), golang-go.crypto (= 1:0.0~git20220315.3147a52-1), golang-gogoprotobuf (= 1.3.2-1), golang-golang-x-mod (= 0.5.1-2), golang-golang-x-net (= 1:0.0+git20220728.c7608f3+dfsg-2), golang-golang-x-sys (= 0.0~git20220731.a90be44-1), golang-golang-x-term (= 0.0~git20220526.065cf7b-1), golang-golang-x-text (= 0.3.7-1), golang-gopkg-natefinch-lumberjack.v2 (= 2.1-2), golang-gopkg-tomb.v1 (= 0.0~git20141024.0.dd63297-7), golang-gopkg-tomb.v2 (= 0.0~git20161208.d5d1b58-3), golang-goprotobuf (= 1.3.4-2), golang-logrus (= 1.7.0-2), golang-mongodb-mongo-driver (= 1.8.4+ds1-2), golang-protobuf-extensions (= 1.0.1-1), golang-yaml.v2 (= 2.4.0-4)
Section: golang
Priority: optional
Filename: pool/main/c/crowdsec/crowdsec_1.0.9-3+b2_amd64.deb
4. References on Kali Linux
5. The same packages on other Linux Distributions
Popular Linux Distros
Ubuntu 20.04 LTS (Focal Fossa)
75,824 Packages
Ubuntu 22.04 LTS (Jammy Jellyfish)
70,964 Packages
Arch User Repository (AUR)
86,997 Packages
Ubuntu 18.04 LTS (Bionic Beaver)
79,010 Packages
Linux Mint 20.3 "Una"
75,783 Packages
Fedora 36
70,928 Packages
Fedora 35
72,396 Packages
Ubuntu 21.10 (Impish Indri)
64,636 Packages
Ubuntu 22.10 (Kinetic Kudu)
69,412 Packages
Linux Mint 21 "Vanessa"
69,356 Packages
Fedora 34
68,716 Packages
Ubuntu 16.04 LTS (Xenial Xerus)
61,875 Packages
Kali Linux
65,367 Packages
Debian 11 (Bullseye)
60,384 Packages
Debian 10 (Buster)
58,416 Packages
openSuSE Tumbleweed
48,211 Packages
Ubuntu 21.04 (Hirsute Hippo)
36,998 Packages
openSUSE Leap
40,198 Packages
Ubuntu 20.10 (Groovy Gorilla)
33,295 Packages
CentOS 8 / RHEL 8
15,935 Packages
Oracle Linux 8
20,559 Packages
Arch Linux
12,526 Packages
CentOS Stream 8
17,085 Packages
Rocky Linux 8
18,356 Packages
AlmaLinux 8
18,241 Packages
Oracle Linux 9
18,006 Packages
Manjaro
13,109 Packages
Rocky Linux 9
15,998 Packages
Amazon Linux 2
8,700 Packages
CentOS 7 / RHEL 7
650 Packages