CrowdSec provides a complete suite of cybersecurity products to effectively protect your online services, a SaaS-based dashboard for threat visibility and response, and a common threat intelligence database to proactively block aggressive incoming traffic. In this article will be described, how you can install this tool on your server with Debian 11.

Install the CrowdSec Agent

Login to the server using SSH, or VNC with a non-root user who has sudo privileges. To get started, it is recommended that you log into your server with a sudo user. You can do it like this:

ssh any-user@<Your_IP_Address>

Next, it is recommended to download a special script. It will add the given repository – packagecloud.io to the list of sources and the packagecloud.io GPG key to check the downloads. Just copy the command (using curl)

curl -s https://packagecloud.io/install/repositories/crowdsec/crowdsec/script.deb.sh | sudo bash

Install CrowdSec

After successfully installing a special script, you can proceed with the installation of CrowdSec. This can be done by following the following command:

apt install crowdsec

Next, you need to check this installation. Just enter the following command:

systemctl status crowdsec

The result will be something like this:

crowdsec.service - Crowdsec agent
    Loaded: loaded (/lib/systemd/system/crowdsec.service; enabled; vendor pres>
    Active: active (running) since ... etc.

You will be able to upload a list of required manipulations with your CrowdSec. The helper can be called like this command:

cscli machines list

Install a Firewall

It is highly recommended to install a firewall. This will be useful and very important as using the CrowdSec agent to prevent intrusions into your system. Install as below:

apt install crowdsec-firewall-bouncer-iptables -y

You can view the important points regarding the firewall like this:

cscli alerts list

cscli decisions list

cscli metrics