Re: Acid and HSC

[sam wun <sam.wun () authtec net>]

Michael Boman wrote:

> On Mon, 08 Nov 2004 16:07:24 +0800, sam wun <sam.wun () authtec net> wrote:
>  
>
> ACID can analyze packet payload, if you configured the database
> logging correctly. However, if you want to practice true NSM (Network
> Security Monitoring) I suggest you to take a look at Sguil
> (www.sguil.net), which offers a range of features that is of interest
> when you are investigating a possible intrusion or compromise.
>  
I have no luck install Sguil in FreeBSD. The compilation is overly 
complicated, especially in the TCL/TK related stuff.
Here is some error:
# ./sguild
ERROR: The sha1 package does NOT appear to be installed on this sysem.
The sha1 package is part of the tcllib extension. A port/package is 
available for most linux and BSD systems.
Exiting...
However I don't find sha1 available in the port, only sha does.

Any other alternative?


> Best regards
> Michael Boman
>
>  


-------------------------------------------------------
This SF.Net email is sponsored by:
Sybase ASE Linux Express Edition - download now for FREE
LinuxWorld Reader's Choice Award Winner for best database on Linux.
http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users