Honeypots mailing list archives
FW: sguil-0.3.0 Released
From: SRH-Lists <giermo () 333tech com>
Date: Thu, 30 Oct 2003 15:36:22 -0600
I think that this may be of interest to the Snort users in the Honeypot community. -steve
All,

Announcing the release of sguil-0.3.0. Get it at http://sguil.sourceforge.net

Sguil (pronounced sgweel), is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides the analyst with realtime events from snort/barnyard. It also includes other components which facilitate the practice of Network Security Monitoring and event driven analysis of IDS alerts. The sguil client is written in tcl/tk and can be run on any operating system that supports tcl/tk (including Linux, *BSD, Solaris, MacOS, and Win32).

Demo version 0.3.0 by pointing your sguil client to the server at bamm.dyndns.org. Use any username/passwd when prompted.

Some changes/additions include:

* IP address and port lookups using http://www.dshield.org
* A 'wizard' for building queries
* A dialog for storing standard queries
* Export query results to a text file using CSV
* Email RT events based on signature ID and/or classifications
* Auto-categorize events based on filters

Bamm

Sguil-users mailing list
Sguil-users () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/sguil-users