Announcing the release of sguil version 0.5.3.
Additions include the ability to import and query nessus reports, text
search for transcripts, and much pertifying and bugfixing. Full
changes/updates can be found here [0].
Sguil (pronounced sgweel) is built by network security analysts for
network security analysts. Sguil's main component is an intuitive GUI
that provides realtime events from snort/barnyard. It also includes
other components which facilitate the practice of Network Security
Monitoring and event driven analysis of IDS alerts. The sguil client
is written in tcl/tk and can be run on any operating system that
supports tcl/tk (including Linux, *BSD, Solaris, MacOS, and Win32).
More information about sguil and NSM can be found in Richard
Bejtlich's [0] book, "The Tao of NSM" [1]. Chapter 10 gives awesome
insight into using sguil and is available online [2].
I'll have the demo server (demo.sguil.net:7734) upgraded soon for
those who want to go for a test drive. As always, more information
and help can be found via the mailing lists or in #snort-gui on
irc.freenode.net.
</shameless plugs>
Happy Holidays!
Bammkkkk
[0] http://sguil.sf.net/changes.txt
[1] http://taosecurity.blogspot.com
[2] http://www.amazon.com/exec/obidos/ASIN/0321246772
[3] http://www.informit.com/articles/article.asp?p=350390
--
sguil - The Analyst Console for NSM
http://sguil.sf.net
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://productguide.itmanagersjournal.com/
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
