[Snort-users] Acid and HSC

Bamm Visscher bamm at ...539...
Mon Nov 8 06:11:14 EST 2004

Maybe that error isn't specific enough. The sha1 libs are in the 'tcllib' extension and is in ports under /usr/ports/devel/tcllib.


On Mon, Nov 08, 2004 at 05:24:25PM +0800, sam wun wrote:
> Michael Boman wrote:
> >On Mon, 08 Nov 2004 16:07:24 +0800, sam wun <sam.wun at ...12627...> wrote:
> > 
> >
> >ACID can analyze packet payload, if you configured the database
> >logging correctly. However, if you want to practice true NSM (Network
> >Security Monitoring) I suggest you to take a look at Sguil
> >(www.sguil.net), which offers a range of features that is of interest
> >when you are investigating a possible intrusion or compromise.
> > 
> >
> I have no luck install Sguil in FreeBSD. The compilation is overly 
> complicated, especially in the TCL/TK related stuff.
> Here is some error:
> # ./sguild
> ERROR: The sha1 package does NOT appear to be installed on this sysem.
> The sha1 package is part of the tcllib extension. A port/package is 
> available for most linux and BSD systems.
> Exiting...
> However I don't find sha1 available in the port, only sha does.
> Any other alternative?
> >Best regards
> >Michael Boman

More information about the Snort-users mailing list