[Snort-users] Acid and HSC
sam.wun at ...12627...
Mon Nov 8 01:31:34 EST 2004
Michael Boman wrote:
>On Mon, 08 Nov 2004 16:07:24 +0800, sam wun <sam.wun at ...12627...> wrote:
>ACID can analyze packet payload, if you configured the database
>logging correctly. However, if you want to practice true NSM (Network
>Security Monitoring) I suggest you to take a look at Sguil
>(www.sguil.net), which offers a range of features that is of interest
>when you are investigating a possible intrusion or compromise.
I have no luck install Sguil in FreeBSD. The compilation is overly
complicated, especially in the TCL/TK related stuff.
Here is some error:
ERROR: The sha1 package does NOT appear to be installed on this sysem.
The sha1 package is part of the tcllib extension. A port/package is
available for most linux and BSD systems.
However I don't find sha1 available in the port, only sha does.
Any other alternative?
> Michael Boman
More information about the Snort-users