Network Security Monitoring with Sguil
Many people use open source intrusion detection tools, but most concentrate on collecting only alert data. To fully investigate incidents, alert data must be supplemented by session and full content data. Without this complementary information, it's seldom possible to validate and escalate security events without performing host-based forensics or other time-intensive tasks.

Sguil (http://sguil.sf.net) is an open source interface to all three types of network-based evidence. It was developed on FreeBSD but is also deployed on OpenBSD and Linux. This talk will explain the sorts of data one can collect and examine, using short case studies from real-world traffic. It will conclude with a live demo of Sguil on FreeBSD.

speaker not assigned

location: TBA

Copyright © 2003-2011 BSDCan. All rights reserved.