Snort mailing list archives
Re: Acid and HSC
From: Michael Boman <michael.boman () gmail com>
Date: Mon, 8 Nov 2004 17:58:29 +0800
On Mon, 08 Nov 2004 17:24:25 +0800, sam wun <sam.wun () authtec net> wrote:
Michael Boman wrote:On Mon, 08 Nov 2004 16:07:24 +0800, sam wun <sam.wun () authtec net> wrote: ACID can analyze packet payload, if you configured the database logging correctly. However, if you want to practice true NSM (Network Security Monitoring) I suggest you to take a look at Sguil (www.sguil.net), which offers a range of features that is of interest when you are investigating a possible intrusion or compromise.I have no luck install Sguil in FreeBSD. The compilation is overly complicated, especially in the TCL/TK related stuff. Here is some error: # ./sguild ERROR: The sha1 package does NOT appear to be installed on this sysem. The sha1 package is part of the tcllib extension. A port/package is available for most linux and BSD systems. Exiting... However I don't find sha1 available in the port, only sha does. Any other alternative?
FreeBSD (or any BSD) is apparently a bit difficult beast to master (I am responsible for the Linux RPM's and the Windows installer. You can check them out at http://download.boseco.com if you decide to switch platform ;) ). There are BSD specific instructions available on sguil.net how to get it working. I am sure Bamm or Richard will reply on this with some *BSD instructions shortly, but I haven't used BSD myself for the last 4 years so. Best regards Michael Boman ------------------------------------------------------- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Acid and HSC sam wun (Nov 08)
- Re: Acid and HSC Michael Boman (Nov 08)
- Re: Acid and HSC sam wun (Nov 08)
- Re: Acid and HSC Michael Boman (Nov 08)
- Re: Acid and HSC Paul Schmehl (Nov 08)
- Re: Acid and HSC Bamm Visscher (Nov 08)
- Re: Acid and HSC sam wun (Nov 08)
- Re: Acid and HSC Michael Boman (Nov 08)
- Re: Acid and HSC Edin Dizdarevic (Nov 08)
- Message not available
- Re: Acid and HSC Edin Dizdarevic (Nov 08)
- Message not available
- <Possible follow-ups>
- Re: Acid and HSC Richard Bejtlich (Nov 10)