翻訳と辞書 (Translation and Dictionary)
Sguil : English Wikipedia edition
Sguil

Sguil (pronounced ''sgweel'' or ''squeal'') is a collection of free software components for Network Security Monitoring (NSM) and event-driven analysis of IDS alerts. The sguil client is written in Tcl/Tk and runs on any operating system that supports them. Sguil integrates alert data from Snort, session data from SANCP, and full-content data from a second instance of Snort running in packet-logger mode.
Sguil is an implementation of a Network Security Monitoring system. NSM is defined as "collection, analysis, and escalation of indications and warnings to detect and respond to intrusions."
Taken together, these components form a tool suite that can serve as the foundation of an organization's Security Operations Center (SOC).
Sguil is released under the GPL 3.0.〔README file in the tarball〕
==Software architecture==
A sguil system is composed of a single sguil server and an arbitrary number of sguil network sensors. The sensors perform all the security monitoring tasks and feed information back to the server on a regular basis. The server coordinates this information, stores it in a database, and communicates with sguil clients running on analysts' desktop machines. The server can also request specific information from the sensors.
Each sensor monitors a single network link (although multiple sensors can run on one physical machine) and collects several different types of information:
# Snort monitors the link for security events and logs them to a file on the local disk.
# Barnyard takes events from the Snort log file and sends them to the sensor agent, which inserts them into the database on the sguil server in near real time.
# A separate instance of Snort logs the full content of all network packets to the local disk (this typically requires a large, separate data partition, since everything crossing the link is retained).
# SANCP records TCP/IP sessions and forwards them to the database on the sguil server.
# The sguil agent also listens for commands from the sguil server. These commands are typically requests for packet data previously logged by Snort.
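The list above describes three data streams (alerts, sessions, full content) that the server and client join together when an analyst pivots from an alert to its packets. The following Python is an added example written for this page, not Sguil's own code: it parses Snort "fast"-format alert lines, matches each alert to a SANCP-style session record on a direction-agnostic 5-tuple, and then pulls the logged packets for that flow, which is the same request the server sends to the sensor agent. The alert lines, session records, packet records, and the `YEAR` constant are constructed sample data and assumptions, not output from a real sensor.

```python
"""Toy NSM pivot: join IDS alerts to session records and full-content packets.

Added example, not Sguil's own code. Sample data below is constructed; the
session/packet field names are assumptions, not SANCP's or Snort's schema.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
import re

YEAR = 2024  # assumption: Snort fast-alert timestamps carry no year

# Snort "fast" alert format; the Classification field is optional.
ALERT_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d-\d\d:\d\d:\d\d\.\d+)\s+\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]"
    r"(?:\s+\[Classification:[^\]]*\])?\s+\[Priority:\s*(?P<prio>\d+)\]\s+"
    r"\{(?P<proto>\w+)\}\s+(?P<src>[\d.]+):(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s*$"
)


@dataclass(frozen=True)
class Alert:
    ts: datetime
    gid: int
    sid: int
    msg: str
    priority: int
    proto: str
    src: str
    sport: int
    dst: str
    dport: int


@dataclass(frozen=True)
class Session:
    start: datetime
    end: datetime
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    src_bytes: int
    dst_bytes: int


def parse_alert(line):
    m = ALERT_RE.match(line)
    if not m:
        raise ValueError(f"unrecognised alert line: {line!r}")
    ts = datetime.strptime(m["ts"], "%m/%d-%H:%M:%S.%f").replace(year=YEAR)
    return Alert(ts, int(m["gid"]), int(m["sid"]), m["msg"], int(m["prio"]),
                 m["proto"], m["src"], int(m["sport"]), m["dst"], int(m["dport"]))


def flow_key(proto, ip_a, port_a, ip_b, port_b):
    """Direction-agnostic 5-tuple: an alert fired on server->client traffic
    must still match the session that the client opened."""
    return (proto.upper(), tuple(sorted([(ip_a, port_a), (ip_b, port_b)])))


def find_session(alert, sessions, slack=timedelta(seconds=2)):
    key = flow_key(alert.proto, alert.src, alert.sport, alert.dst, alert.dport)
    for s in sessions:
        if flow_key(s.proto, s.src, s.sport, s.dst, s.dport) != key:
            continue
        if s.start - slack <= alert.ts <= s.end + slack:
            return s
    return None


def pull_full_content(session, packets):
    """What the server asks the sensor agent for: every logged packet of the
    flow, in time order, inside the session's window."""
    key = flow_key(session.proto, session.src, session.sport, session.dst, session.dport)
    hits = [p for p in packets
            if flow_key(p["proto"], p["src"], p["sport"], p["dst"], p["dport"]) == key
            and session.start <= p["ts"] <= session.end]
    return sorted(hits, key=lambda p: p["ts"])


def triage(alert_log, sessions, packets):
    """Analyst view: each alert with its session and reassembled payload, or
    an explicit 'no session' so unmatched alerts are never silently dropped."""
    out = []
    for line in alert_log.splitlines():
        if not line.strip():
            continue
        a = parse_alert(line)
        s = find_session(a, sessions)
        pkts = pull_full_content(s, packets) if s else []
        out.append({
            "msg": a.msg, "priority": a.priority,
            "session": None if s is None else (s.src, s.sport, s.dst, s.dport, s.src_bytes, s.dst_bytes),
            "payload": b"".join(p["payload"] for p in pkts),
        })
    return out


def t(s):  # constructed-timestamp helper
    return datetime.strptime(f"{YEAR}/{s}", "%Y/%m/%d %H:%M:%S.%f")


# Constructed sample data (not captured from a real sensor).
SAMPLE_ALERTS = (
    "03/14-10:15:22.431000  [**] [1:2100498:7] GPL ATTACK_RESPONSE id check returned root [**] "
    "[Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 203.0.113.5:80 -> 192.0.2.10:51234\n"
    "03/14-10:16:05.000000  [**] [1:1000001:1] LOCAL sweep probe [**] [Priority: 3] {TCP} 198.51.100.7:44000 -> 192.0.2.10:22\n"
)
SAMPLE_SESSIONS = [
    Session(t("03/14 10:15:21.900000"), t("03/14 10:15:23.500000"), "tcp",
            "192.0.2.10", 51234, "203.0.113.5", 80, 412, 1337),
]
SAMPLE_PACKETS = [
    {"ts": t("03/14 10:15:22.100000"), "proto": "tcp", "src": "192.0.2.10", "sport": 51234,
     "dst": "203.0.113.5", "dport": 80, "payload": b"GET /cgi-bin/id HTTP/1.1\r\nHost: 203.0.113.5\r\n\r\n"},
    {"ts": t("03/14 10:15:22.431000"), "proto": "tcp", "src": "203.0.113.5", "sport": 80,
     "dst": "192.0.2.10", "dport": 51234, "payload": b"HTTP/1.1 200 OK\r\n\r\nuid=0(root) gid=0(root)\n"},
    {"ts": t("03/14 10:15:30.000000"), "proto": "tcp", "src": "203.0.113.5", "sport": 80,
     "dst": "192.0.2.10", "dport": 51234, "payload": b"later packet, outside the session window"},
]

if __name__ == "__main__":
    for row in triage(SAMPLE_ALERTS, SAMPLE_SESSIONS, SAMPLE_PACKETS):
        print(row["priority"], row["msg"], row["session"], row["payload"][:40])
```

Two points in the code matter in practice: the flow key is sorted so that an alert on the server's reply still finds the session the client opened, and an alert with no matching session is returned with an explicit `None` rather than discarded, since a missing session record is itself something an analyst should notice.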

Excerpt source: the free encyclopedia Wikipedia
Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.