I want some opinions here. I'm not going to get into the details of why it's set up this way, but I will just say it is what it is & I have to protect it. I have a Windows 11 box that is directly connected to the internet (RDP). The box is, as expected, constantly attacked. Bitdefender has done a great job of mitigating the attacks. When it detects an attack it will block that IP for an unknown amount of time. Kind of hard to do a dictionary attack from a machine that keeps on blocking you, right?
For quite some time I've been wanting to play around with CrowdSec. I finally did this weekend & I really like it. It does the same thing Bitdefender does & much, much more. For example, they have lists of IPs that they have found globally attacking machines & block them. The way CrowdSec works on Windows is by creating block rules in the Windows firewall. I wasn't sure if Bitdefender was a fancy interface (with rule creation) to the Windows firewall, but apparently it's not. The block rules created by CrowdSec (I simulated an attack) do not work when Bitdefender is installed. So now I have a choice. I can maybe try to disable the firewall portion of Bitdefender to see if CrowdSec rules will then work, get rid of Bitdefender & just use WD/CrowdSec, or just forget CrowdSec & use Bitdefender. Playing around with CrowdSec, I really liked it. What would you guys do?