bsdjunkie
December 7th, 2004, 15:01
Announcing the release of sguil version 0.5.3.
Additions include the ability to import and query nessus reports, text
search for transcripts, and much prettifying and bugfixing. Full
changes/updates can be found here [0].
Sguil (pronounced sgweel) is built by network security analysts for
network security analysts. Sguil's main component is an intuitive GUI
that provides realtime events from snort/barnyard. It also includes
other components which facilitate the practice of Network Security
Monitoring and event driven analysis of IDS alerts. The sguil client
is written in tcl/tk and can be run on any operating system that
supports tcl/tk (including Linux, *BSD, Solaris, MacOS, and Win32).
More information about sguil and NSM can be found in Richard
Bejtlich's [0] book, "The Tao of NSM" [1]. Chapter 10 gives awesome
insight into using sguil and is available online [2].
I'll have the demo server (demo.sguil.net:7734) upgraded soon for
those who want to go for a test drive. As always, more information
and help can be found via the mailing lists or in #snort-gui on
irc.freenode.net.
</shameless plugs>
Happy Holidays!
Bammkkkk
[0] http://sguil.sf.net/changes.txt
[1] http://taosecurity.blogspot.com
[2] http://www.amazon.com/exec/obidos/ASIN/0321246772
[3] http://www.informit.com/articles/article.asp?p=350390
--
sguil - The Analyst Console for NSM
http://sguil.sf.net