ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers - eviltoast

From The Hacker News

  • StarDreamer@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 year ago

    One way to do this would be set up crowdsec bouncers on each server but only run a single instance of the crowdsec daemon. Send all logs to the daemon and let it communicate with all the bouncers.