Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Test Drive Sguil-0.2.5

From: Bamm Visscher <bamm () satx rr com>
Date: Thu, 17 Jul 2003 15:15:50 -0500
We recently released sguil-0.2.5 (http://sguil.sf.net).  As a way to provide interested parties a way to test drive 
sguil without going through the hassle of installing all the required components, I have made a sguil server publicly 
available. 

To use, first install the correct tcl libraries on your workstation (for example: Redhat 7.3 -> tclx-8.3-67, 
itcl-3.2-67, tcl-8.3.3-67, tcllib-1.0-67 OR win32 http://www.activestate.com/Products/ActiveTcl/). 

Second, download and install the sguil-client-0.2.5 tarball or zip archive from 
http://sourceforge.net/project/showfiles.php?group_id=71220&release_id=172069.

Next, edit the included sguil.conf to point towards bamm.dyndns.org (set SERVERHOST bamm.dyndns.org) using the default 
sguil ports.

Finally, launch the GUI (sguil.tk). The client will look for a 'wish' interpreter using the users PATH in a *NIX 
environment. If you are using a win32 platform, then either associate the .tk extension with the wish84 binary provided 
by the ActiveState libs, or access the wish84 shell directly and use `dir /path/to/sguil-0.2.5/client; source 
./sguil.tk` from the wish command prompt.

As the project matures, I expect the install will get easier. The barnyard output plugin (op_sguil) will hopefully find 
its way into the barnyard source tree soon. We are planning on moving the session stats out of stream4 and working with 
spp_portscan in hopes that we can get those patches into the snort source tree at some point too.

Once connected, you will be able to chat in the "User Messages" tab where we can answer any questions and give 
assistance. I'll keep the system up as long as my ISP lets me and assuming my precious dual-flop p133 can handle the 
load.

Bammkkkk


-------------------------------------------------------
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
same time. Free trial click here: http://www.vmware.com/wl/offer/345/0
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: