IDS mailing list archives
New Sguil 0.4.0 installation guide
From: Richard Bejtlich <taosecurity () gmail com>
Date: Wed, 9 Jun 2004 18:03:16 -0400
Hello,

I've published a new installation guide for Sguil, an open source interface to alert data, session data, and full content data for real-time, event-driven network security monitoring.

http://sguil.sourceforge.net/sguil_guide_latest.txt

The guide explains how to install Sguil 0.4.0, Snort 2.1.3, and Barnyard 0.2.0, along with supporting infrastructure like MySQL 4.0.x and various Tcl/Tk components.

You may have seen Sguil mentioned recently in Marty's AUSCERT presentation [0], in the updated "Snort 2.1" from Syngress [1], or O'Reilly's "Network Security Hacks." [2] My book "The Tao of Network Security Monitoring: Beyond Intrusion Detection" arrives next month and features Sguil coverage throughout. [3]

I've added information on dependencies, and building the sensor - database - server - client components on separate platforms in response to questions from users.

I welcome feedback to sguil at taosecurity dot com or to taosecurity at gmail dot com. The Sguil team can be found in #snort-gui on irc.freenode.net.

Thank you,

Richard Bejtlich
http://www.taosecurity.com

[0] http://www.snort.org/docs/auscert-working-with-snort.pdf
[1] http://www.syngress.com/catalog/sg_main.cfm?pid=2950
[2] http://www.oreilly.com/catalog/netsechacks
[3] http://www.awprofessional.com/title/0321246772