sbilly / awesome-security

A collection of awesome software, libraries, documents, books, resources and cool stuff about security.
MIT License

adding tools from awesome-sysadmin, which category? #28

Closed n1trux closed 8 years ago

n1trux commented 8 years ago

Hi,

I just noticed this list and linked to it from my awesome-sysadmin repo.

There were some duplicates, but my list had some tools which are not already on here. I'm not sure where to sort them though – here's the list; in italics behind the entries are my suggestions on where to sort them.

Please tell me where these tools belong (or if they're not awesome enough) and I'll come up with a short description and create a PR.

  • Blackbox - Safely store secrets in Git/Mercurial. Provides tooling to automatically encrypt secrets like passwords. _DevOps?_
  • Denyhosts - Thwart SSH dictionary based attacks and brute force attacks. _IPS_
  • Fail2Ban - Scans log files and takes action on IPs that show malicious behavior. _IPS_
  • FIR - Fast Incident Response, a cybersecurity incident management platform. _SIEM_
  • fwknop - Protects ports via Single Packet Authorization in your firewall. _IPS/Firewall?_
  • Linux Malware Detect - A malware scanner for Linux designed around the threats faced in shared hosted environments. _Scanner_
  • Nmap - Nmap is a free and open source utility for network discovery and security auditing. _Scanner_
  • OSQuery - Query your servers status and info using a SQL like interface. _DevOps?_
  • pfSense - Firewall and Router FreeBSD distribution. _IPS/Firewall?_
  • SpamAssassin - A powerful and popular email spam filter employing a variety of detection techniques. _not sure_
  • SSHGuard - A software to protect services in addition to SSH, written in C _IPS_

I suggest to add a new category "Firewall" to distinguish that from IDS/IPS.

n1trux commented 8 years ago

@Bifrozt: you can directly react to a comment – even the opening comment to an Issue or PR – by clicking the "smiley" reaction button ("+☺") on the top right of the entry (in the line "… commented … ago" on the far right).

Bifrozt commented 8 years ago

@n1trux thanks for the tip, but that didn't work too well from my cellphone, apparently

sbilly commented 8 years ago

  • Blackbox - Safely store secrets in Git/Mercurial. Provides tooling to automatically encrypt secrets like passwords. _DevOps?_

You can add a New TOP level category, 'SDL'

  • Denyhosts - Thwart SSH dictionary based attacks and brute force attacks. _IPS_

YES, add to 'IDS / IPS / Host IDS / Host IPS'

  • Fail2Ban - Scans log files and takes action on IPs that show malicious behavior. _IPS_

YES, add to 'IDS / IPS / Host IDS / Host IPS'

  • FIR - Fast Incident Response, a cybersecurity incident management platform. _SIEM_

YES, add to 'Security Information & Event Management'

  • fwknop - Protects ports via Single Packet Authorization in your firewall. _IPS/Firewall?_

It's a kind of backdoor for administrators. I think it's not good for security.

  • Linux Malware Detect - A malware scanner for Linux designed around the threats faced in shared hosted environments. _Scanner_

YES, you can add to 'Endpoint' - 'Anti-Virus / Anti-Malware'.

  • Nmap - Nmap is a free and open source utility for network discovery and security auditing. _Scanner_

Yes, you can add to 'Scanning / Pentesting'

  • OSQuery - Query your servers status and info using a SQL like interface. _DevOps?_

I think it's not a security tool, but you can add it to 'Forensics'

  • pfSense - Firewall and Router FreeBSD distribution. _IPS/Firewall?_

You can add it to 'Network' - 'Firewall'

  • SpamAssassin - A powerful and popular email spam filter employing a variety of detection techniques. _not sure_

You can add it to 'Network' - 'Anti-Spam'

  • SSHGuard - A software to protect services in addition to SSH, written in C _IPS_

YES, add to 'IDS / IPS / Host IDS / Host IPS'

n1trux commented 8 years ago

@sbilly should I do it all in one PR (separate commits for each program) or separate PRs?

sbilly commented 8 years ago

All in one is OK.