Sguil (pronounced ''sgweel'' or ''squeal'') is a collection of free software components for Network Security Monitoring (NSM) and event-driven analysis of IDS alerts. The sguil client is written in Tcl/Tk and can be run on any operating system that supports these. Sguil integrates alert data from Snort, session data from SANCP, and full content data from a second instance of Snort running in packet logger mode.
Sguil is an implementation of a Network Security Monitoring system. NSM is defined as "collection, analysis, and escalation of indications and warnings to detect and respond to intrusions."
Sguil is released under the GPL 3.0.
[README file in the tarball]
Tools that make up Sguil
See also
* Sagan
* Intrusion detection system (IDS)
* Intrusion prevention system (IPS)
* Network intrusion detection system (NIDS)
* Metasploit Project
* nmap
* Host-based intrusion detection system comparison
References
External links
Sguil Homepage