Contributed by grey on from the more tutorials dept.
For those who have no idea what sguil is, sguil is one of the best, if not perhaps the best, Snort analysis consoles out there. sguil is implemented as a client/server model instead of being web based. So instead of opening a port for Apache with a web scripting language, we prefer the other way around to harden our box, especially if you just want to turn your box into an IDS/firewall hybrid machine.
Here you can find a write-up on the complete installation of sguil under OpenBSD 3.6. Enjoy.
http://misprai.mine.nu/anonymous/OpenBSD_sguil.pdf
geek00l also has a variety of additional OpenBSD focused resources which our readers may enjoy on his blog here: http://www.misprai.mine.nu/geek00L/