IDS mailing list archives
Sguil 0.5.3 Released
From: Bamm Visscher <bamm.visscher () gmail com>
Date: Tue, 7 Dec 2004 12:52:12 -0600
Announcing the release of sguil version 0.5.3. Additions include the ability to import and query nessus reports, text search for transcripts, and much prettifying and bugfixing. Full changes/updates can be found here [0].

Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides realtime events from snort/barnyard. It also includes other components which facilitate the practice of Network Security Monitoring and event driven analysis of IDS alerts. The sguil client is written in tcl/tk and can be run on any operating system that supports tcl/tk (including Linux, *BSD, Solaris, MacOS, and Win32).

More information about sguil and NSM can be found in Richard Bejtlich's [0] book, "The Tao of NSM" [1]. Chapter 10 gives awesome insight into using sguil and is available online [2].

I'll have the demo server (demo.sguil.net:7734) upgraded soon for those who want to go for a test drive.

As always, more information and help can be found via the mailing lists or in #snort-gui on irc.freenode.net.

</shameless plugs>

Happy Holidays!

Bammkkkk

[0] http://sguil.sf.net/changes.txt
[1] http://taosecurity.blogspot.com
[2] http://www.amazon.com/exec/obidos/ASIN/0321246772
[3] http://www.informit.com/articles/article.asp?p=350390

--
sguil - The Analyst Console for NSM
http://sguil.sf.net