+ Reply to Thread
Results 1 to 5 of 5
  1. Sith Lord SephStorm's Avatar
    Join Date
    Dec 2009
    Location
    Atlanta, GA
    Posts
    1,709

    Certifications
    GPEN, GCIH, SFCP, CPT, CEH, QND
    #1

    Default Sguil for Windows

    Is anyone familiar with this? I installed it last night, despite the documentation being extremely out of date, If anyone wants to shoot me instructions for makinga an online youtube video, i'd love to make a tutorial...

    Anyway, I can connect to the demo server, but I don't have any instructions for connecting Sguil to my snort install at home. I'm running a single snort instance on a single PC, and I want to use Sguil as a front end to monitor and review the results. Anyone know how to do this?
    Reply With Quote Quote  

  2. SS
  3. Senior Member
    Join Date
    Dec 2011
    Location
    Texas
    Posts
    153

    Certifications
    GCIH, GCIA, CCNA:S, CCNA, Sec+, A+
    #2
    Is snort and Sguil on the same box?
    Reply With Quote Quote  

  4. Sith Lord SephStorm's Avatar
    Join Date
    Dec 2009
    Location
    Atlanta, GA
    Posts
    1,709

    Certifications
    GPEN, GCIH, SFCP, CPT, CEH, QND
    #3
    yes it is
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Dec 2011
    Location
    Texas
    Posts
    153

    Certifications
    GCIH, GCIA, CCNA:S, CCNA, Sec+, A+
    #4
    odd when you start sguil with snort running you should be able to chose a local sensor. I haven't messed with sguil a whole lot, I prefer snorby https://snorby.org/ . I think the reporting is cleaner.
    Reply With Quote Quote  

  6. Sith Lord SephStorm's Avatar
    Join Date
    Dec 2009
    Location
    Atlanta, GA
    Posts
    1,709

    Certifications
    GPEN, GCIH, SFCP, CPT, CEH, QND
    #5
    My front end has to be windows for the moment, i'm not seeing any windows installation options for snorby, and it has too many pre-reqs.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks