Re: [Sguil-users] Sguil's Future
Status: Beta
Brought to you by:
bamm
Menu
▾
▴
Re: [Sguil-users] Sguil's Future
|
From: Bamm V. <bam...@gm...> - 2005-06-21 19:18:55
|
Our list of individual todos is huge, but I can give you an idea of the general direction we are going. Things have been moving rather slowly as both Steve and I have been rather busy. I am relocating to Colorado and my list of 'todos' to got done around the house trump the sguil todo (or I'll find myself sleeping on the couch). I've tagged current CVS as 0.6.0-BETA, it's stable, but I expect some significant updates before it's released. The big push for 0.6.0 is to migrate the tables to take advantage of mysql MERGE tables (we've been doin this with sancp since March 1). MERGE tables provides better scalability (faster searches and easier/quicker archiving). Client stuff: I'd like to refine the client look and feel (moving prefs into the client and dropping the sguil.conf). We also need to go thru and clean up some of the comms infrastructure. Server stuff: I'd like to start support for other DB's (postgresql especially) but won't start this until after all the MERGE stuff is done. At that point we can use that structure for PMPDB. Another big feature will be incident tracking and reporting. And finally, sensor and rule management, but these won't happen until I am comfortable with the features we have from an analyst console perspective. Sensor stuff: Other than fine tuning, the only big things I can see happening on the sensor side is adding different collection types. This includes using tethereal, tcpdump, etc to collect pcap data as well as argus, flow-tools, etc for connection data. Bammkkkk On 6/21/05, Stanley Schultz <ssc...@hu...> wrote: > Hello all. Just curious where the Software Sguil is going in the future. = I am working with Sguil in > OpenBSD 3.7 OS environment. >=20 > Its a one system box as firewall, IDS and database. >=20 > It protects my dual XEON Windows XP Box. >=20 > Question... >=20 > Did one of the main developers leave the group? I do not want to see this= Software Development diminish. > Lets keep this great piece of software with hardworking, continued develo= pment. >=20 > If you sold it commerciallly, I would buy it...no doubt in my mind. >=20 > Great Job to all Developers... >=20 > ******************************************************************* > This email and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom they > are addressed. If you have received this email in error please notify > the system manager. >=20 > This footnote also confirms that this email message has been swept > for the presence of computer viruses. >=20 > www.hubbell.com - Hubbell Incorporated >=20 >=20 > ------------------------------------------------------- > SF.Net email is sponsored by: Discover Easy Linux Migration Strategies > from IBM. Find simple to follow Roadmaps, straightforward articles, > informative Webcasts and more! Get everything you need to get up to > speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id=16492&opclick > _______________________________________________ > Sguil-users mailing list > Sgu...@li... > https://lists.sourceforge.net/lists/listinfo/sguil-users >=20 --=20 sguil - The Analyst Console for NSM http://sguil.sf.net |