IDS mailing list archives
sguil-0.3.0 Released
From: Bamm Visscher <bamm () satx rr com>
Date: Thu, 30 Oct 2003 15:28:04 -0600
All,

Announcing the release of sguil-0.3.0. Get it at http://sguil.sourceforge.net

Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides the analyst with realtime events from snort/barnyard. It also includes other components which facilitate the practice of Network Security Monitoring and event driven analysis of IDS alerts. The sguil client is written in tcl/tk and can be run on any operating system that supports tcl/tk (including Linux, *BSD, Solaris, MacOS, and Win32).

Demo version 0.3.0 by pointing your sguil client to the server at bamm.dyndns.org. Use any username/passwd when prompted.

Some changes/additions include:

* IP address and port lookups using http://www.dshield.org
* A 'wizard' for building queries
* A dialog for storing standard queries
* Export query results to a text file using CSV
* Email RT events based on signature ID and/or classifications
* Auto-categorize events based on filters

Bammkkkk