Sguil
Michael Boman
Sguil presentation for Linux User Group (Singapore) 2004/4/7
Sguil
Slides 1 to 6: no extracted text.
7. Sguil Login Screen
8. Sguil Sensor Selection
9. No extracted text.
10. Sguil Console Layout
Screenshot callouts: Time (UTC); Event pane(s); Signature viewer; Event / port scan details; Reverse DNS / WHOIS lookup; System Messages / Console; CHAT window; Alert tabs.
11. Sguil flow: Receiving IDS Alerts
Diagram labels: Network Sensor, Snort IDS, Barnyard, Server, sguild, MySQL, Console, sguil.tk, xscriptd, log_packets, sensor agent.
12. Sguil RT Events
Column callouts: Count; Event ID; Protocol Number (1 = ICMP, 6 = TCP, 17 = UDP); Status.
13. Sguil flow: Getting Alert Details (same diagram labels as slide 11)
14. Sguil Event Details
15. Sguil Host Lookup
16. Sguil flow: Collecting Portscan Data (same diagram labels as slide 11)
17. Sguil flow: Getting Portscan Details (same diagram labels as slide 11)
18. Sguil Portscan Event
19. Sguil flow: Recording Network Traffic (same diagram labels as slide 11)
20. Sguil flow: Getting Session Transcript
21. Sguil Transcript
22. Sguil flow: Getting PCAP data (same diagram labels as slide 11)
23. Ethereal integration
24. Sguil flow: Collecting Session Data (same diagram labels as slide 11)
25. Sguil flow: Getting Session Details (same diagram labels as slide 11)
26. Sguil Session Query
Slides 27 to 38: no extracted text.