alerts and decisions are empty. No active decisions and No active alerts
But on my HA i saw today this alert
Login attempt failed
Login attempt or request with invalid authentication from vmi2464809.contaboserver.net (5.104.83.47). See the log for details.
Does that mean that crowdsec did not block that attacker but simply my password holds?
And unfortunately i dont knwo how to scan my system from extern. Is a portscanner enough? Like checking open ports from Open Port Check Tool - Test Port Forwarding on Your Router ?
Well, CrowdSec cannot block every IP failing a login only once. Technically, it can if you want it to, but that would be dangerous. Instead, if I recall, it will block if 10 logins fail within a minute.
And if your password can be found in less than 10 attempts, well it’s digital Darwinism in a way
