[Snort-users] Acid and HSC

sam wun sam.wun at ...12627...
Mon Nov 8 01:31:34 EST 2004


Michael Boman wrote:

>On Mon, 08 Nov 2004 16:07:24 +0800, sam wun <sam.wun at ...12627...> wrote:
>  
>
>ACID can analyze packet payload, if you configured the database
>logging correctly. However, if you want to practice true NSM (Network
>Security Monitoring) I suggest you to take a look at Sguil
>(www.sguil.net), which offers a range of features that is of interest
>when you are investigating a possible intrusion or compromise.
>  
>
I have no luck install Sguil in FreeBSD. The compilation is overly 
complicated, especially in the TCL/TK related stuff.
Here is some error:
# ./sguild
ERROR: The sha1 package does NOT appear to be installed on this sysem.
The sha1 package is part of the tcllib extension. A port/package is 
available for most linux and BSD systems.
Exiting...
However I don't find sha1 available in the port, only sha does.

Any other alternative?


>Best regards
> Michael Boman
>
>  
>




More information about the Snort-users mailing list