FW: sguil-0.3.0 Released

[SRH-Lists <giermo () 333tech com>]

I think that this may be of interest to the Snort users in the Honeypot
community.

-steve

> All,
>
> Announcing the release of sguil-0.3.0. Get it at 
> http;//sguil.sourceforge.net
>
> Sguil (pronounced sgweel) , is built by network security 
> analysts for network security analysts. Sguil's main 
> component is an intuiative GUI that provides the analyst with 
> realtime events from snort/barnyard. It also includes other 
> components which faciliate the practice of Network Security 
> Monitoring and event driven analysis of IDS alerts. The sguil 
> client is written in tcl/tk and can be ran on any operating 
> system that supports tcl/tk (including Linux, *BSD, Solaris, 
> MacOS, and Win32).
>
> Demo version 0.3.0 by pointing your sguil client to the 
> server at bamm.dyndns.org. Use any username/passwd when prompted.
>
> Some changes/additions include:
>
>   * IP address and port lookups using http://www.dshield.org
>   * A 'wizard' for building queries
>   * A dialog for storing standard queries
>   * Export query results to a text file using CSV
>   * Email RT events based on signature ID and/or classifications
>   * Auto-catagorize events based on filters
>
> Bammkkkk
>
> Sguil-users mailing list
> Sguil-users () lists sourceforge net
> https://lists.sourceforge.net/lists/listinfo/sguil-users