[Snort-users] sguil-0.4.0 Released
bamm at ...539...
Wed Apr 28 13:28:11 EDT 2004
Announcing the release of sguil-0.4.0. Get it at http://sguil.sourceforge.net
Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides the analyst with realtime events from snort/barnyard. It also includes other components which facilitate the practice of Network Security Monitoring and event driven analysis of IDS alerts. The sguil client is written in tcl/tk and can be run on any operating system that supports tcl/tk (including Linux, *BSD, Solaris, MacOS, and Win32).
Those who would like to demo the client without going through a full blown server and sensor installation can install the client and point it towards sguil.dyndns.org (default ports). Just use any username and password when prompted.
As always, help can always be found via mailing lists and in irc (irc.freenode.net #snort-gui).
Changes/new features to sguil-0.4.0 include:
* Support for session logging via sancp (http://www.metre.net/sancp.html)
* Access control lists for clients and sensors
* Forked processes for handling queries and DB loading
* One click access to icat.nist.gov
* bugfixes, bugfixes, bugfixes