CyberMind-FR
418e99e481
Complete WebRadio management interface for OpenWrt: - Dashboard with server status, listeners, now playing - Icecast/Ezstream server configuration - Playlist management with shuffle/upload - Programming grid scheduler with jingle support - Live audio input via DarkIce (ALSA) - Security: SSL/TLS, rate limiting, CrowdSec integration Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
27 lines
630 B
YAML
27 lines
630 B
YAML
# CrowdSec scenario for Icecast connection flood detection
|
|
# Detects rapid connection attempts from same IP
|
|
# Install: cp to /etc/crowdsec/scenarios/
|
|
|
|
type: leaky
|
|
name: cybermind/icecast-flood
|
|
description: "Detect connection flood attempts on Icecast streaming server"
|
|
filter: "evt.Meta.service == 'icecast'"
|
|
|
|
# Trigger on 20 connections in 30 seconds from same IP
|
|
leakspeed: "1s"
|
|
capacity: 20
|
|
groupby: evt.Meta.source_ip
|
|
|
|
blackhole: 5m
|
|
reprocess: true
|
|
|
|
labels:
|
|
service: icecast
|
|
type: connection_flood
|
|
confidence: 3
|
|
spoofable: 0
|
|
classification:
|
|
- attack.T1498
|
|
label: "Icecast connection flood"
|
|
remediation: true
|