Your Favourite Open Source Software?

oldhat said:
PCem
Fallout Community Edition
Raven Reader
LosslessCut
Firejail
Tangram
Nanonote
Delta
Hadolint
Sylver
Click to expand...
Thanks. I added these except Fallout as the license has some restrictions on commercial use and stuff.

Also added
Firezone (credit to @r00igev@@r for dropping this nugget in his VPN thread)
Havoc Framework - post exploitation framework that is apparently becoming popular with Cyber Criminals. John Hammond has a good video on it.
OPSI - Software deployment tool.
 
I'm keen to start adding articles and tutorials to the site as well as the list. Will probably start with a few top 5 or top 10 type articles to get things started relatively quickly and I've got many ideas for more some more involved stuff.

If anyone has any requests or suggestions on topics you'd like to see covered please drop it here. If it's something I can help with, I'll add it to the to do list.
 
InvisibleJim said:
Thanks. I added these except Fallout as the license has some restrictions on commercial use and stuff.

Also added
Firezone (credit to @r00igev@@r for dropping this nugget in his VPN thread)
Havoc Framework - post exploitation framework that is apparently becoming popular with Cyber Criminals. John Hammond has a good video on it.
OPSI - Software deployment tool.
Click to expand...
I reached out to Jason Gong at Firezone as the software is neat for a hub but I would like it to be able to manage multiple wireguard instances listening on various ports and not only one on the hub. Its neat as its not as complex as some other offerings.
 
InvisibleJim said:
I'm keen to start adding articles and tutorials to the site as well as the list. Will probably start with a few top 5 or top 10 type articles to get things started relatively quickly and I've got many ideas for more some more involved stuff.

If anyone has any requests or suggestions on topics you'd like to see covered please drop it here. If it's something I can help with, I'll add it to the to do list.
Click to expand...
Here is an article I wrote about another open source offering, rport. It has some extra paid for functionality that you can subscribe to but the basic one is excellent. The article describes how I use it.
www.linkedin.com

SD-WAN: Using the rport infrastructure management tool to enhance services

The Fusion Broadband South Africa SD-WAN solution consists of a hub and spoke architecture and most tasks are managed from a central portal that configures all the functional operational and administration tasks. In reality, you don't need to access the cli.
www.linkedin.com www.linkedin.com
 
r00igev@@r said:
Here is an article I wrote about another open source offering, rport. It has some extra paid for functionality that you can subscribe to but the basic one is excellent. The article describes how I use it.
www.linkedin.com

SD-WAN: Using the rport infrastructure management tool to enhance services

The Fusion Broadband South Africa SD-WAN solution consists of a hub and spoke architecture and most tasks are managed from a central portal that configures all the functional operational and administration tasks. In reality, you don't need to access the cli.
www.linkedin.com www.linkedin.com
Click to expand...
Do you run everything from Rport over the SD-WAN or does any of it travel over or get exposed to the web?
 
r00igev@@r said:
I reached out to Jason Gong at Firezone as the software is neat for a hub but I would like it to be able to manage multiple wireguard instances listening on various ports and not only one on the hub. Its neat as its not as complex as some other offerings.
Click to expand...
In general, I like the mesh VPN/Overlay network type products like Zerotier, Tailscale, Nebula, Netmaker etc. which I think have a lot of potential. One problem though is that they can fall foul of IPS/IDS type features on firewalls which I think will tend to see them as random high port peer to peer traffic.

I like the integration that Firezone has with authentication providers - I'm even contemplating that requiring a VPN for access to on prem servers, even from the LAN might be an easy way to implement 2FA with Azure AD for on prem resources.
 
InvisibleJim said:
In general, I like the mesh VPN/Overlay network type products like Zerotier, Tailscale, Nebula, Netmaker etc. which I think have a lot of potential. One problem though is that they can fall foul of IPS/IDS type features on firewalls which I think will tend to see them as random high port peer to peer traffic.

I like the integration that Firezone has with authentication providers - I'm even contemplating that requiring a VPN for access to on prem servers, even from the LAN might be an easy way to implement 2FA with Azure AD for on prem resources.
Click to expand...
I'm quite happy with a simple hub and spoke topology.

I've logged a feature request or my requirement: https://github.com/firezone/firezone/issues/1440
 
InvisibleJim said:
Do you run everything from Rport over the SD-WAN or does any of it travel over or get exposed to the web?
Click to expand...
Don't fully understand the question. Since my edge and aggs are Linux using debian (or RHEL - redhat is using it internally themselves) rportd and rport runs directly on that infrastructure. rportd is on the agg in the DC and rport on the edge. Its exposed to the Internet at the agg and for added security I've been whitelisting a VPN concentrator for certain access that I want more secure. I've been using OpenConnect for that and now am experimenting with WG. That is where Firezone will fit in.
I do have some standalone Pis that I run it on.
 
r00igev@@r said:
Don't fully understand the question. Since my edge and aggs are Linux using debian (or RHEL - redhat is using it internally themselves) rportd and rport runs directly on that infrastructure. rportd is on the agg in the DC and rport on the edge. Its exposed to the Internet at the agg and for added security I've been whitelisting a VPN concentrator for certain access that I want more secure. I've been using OpenConnect for that and now am experimenting with WG. That is where Firezone will fit in.
I do have some standalone Pis that I run it on.
Click to expand...
I think I was just wondering if you were port forwarding to the management interface or keeping it all internal from the web. I watched the Awesome Open Source video on it again and I see rport has 2FA out of the box which is good.
 
InvisibleJim said:
I think I was just wondering if you were port forwarding to the management interface or keeping it all internal from the web. I watched the Awesome Open Source video on it again and I see rport has 2FA out of the box which is good.
Click to expand...
I suppose you can configure it like that but I have everything in Teraco on publics and use whitelisting.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X