Sguil (pronounced sgweel) is probably best described as an aggregation system for network security monitoring tools. It ties your IDS alerts into a database of TCP/IP sessions, full content packet logs and other information. When you’ve identified an alert that needs more investigation, the sguil client provides you with seamless access to the data you […]
snort
Impressive Open Source Intrusion Prevention – HLBR
It’s good to see work on open source tools in the countermeasure department as well as the attack and penetration arena. It’s a shame since Snort and Nessus have gone semi-commercial. I hope more people invest their time in good IDS, Firewall and IPS systems, I love things like IPCop and hope to see more products […]
BASE 1.2.6 Released (Basic Analysis & Security Engine)
We are happy to announce that the 1.2.6 (christine) release of the Basic Analysis and Security Engine (BASE) is available. BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the […]
US Investigates Snort Sale as a Security Risk
Basically the Americans are saying a lot of their sensitive governmental organisations are using Snort and they don’t want the software to be controlled by an Israeli company, they see it as a threat. The same Bush administration review panel that approved a ports deal involving the United Arab Emirates has notified a leading […]