Inspired by an old post, John Curry, and David Bianco's NSM Wiki, I decided I would install the Sguil client on Ubuntu. It was really easy.
First I edited the /etc/apt/sources.list file to include the "universe" package collections:
deb http://us.archive.ubuntu.com/ubuntu/ edgy universe
deb-src http://us.archive.ubuntu.com/ubuntu/ edgy universe
Next I updated the apt cache and added the libraries I needed.
richard@neely:~$ sudo apt-get update
...edited...
richard@neely:~$ sudo apt-get install tclx8.4 tcllib iwidgets4 wireshark
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
itcl3 itk3 libadns1 libpcre3 tcl8.4 tk8.4 wireshark-common
Suggested packages:
itcl3-doc itk3-doc iwidgets4-doc tclreadline tclx8.4-doc
Recommended packages:
libadns1-bin
The following NEW packages will be installed:
itcl3 itk3 iwidgets4 libadns1 libpcre3 tcl8.4 tcllib tclx8.4 tk8.4 wireshark
wireshark-common
0 upgraded, 11 newly installed, 0 to remove and 0 not upgraded.
Need to get 13.0MB of archives.
After unpacking 51.4MB of additional disk space will be used.
Do you want to continue [Y/n]? y
...truncated...
When done I downloaded the sguil-client-0.6.1.tar.gz archive, and modified sguil.conf thus:
set ETHEREAL_PATH /usr/bin/wireshark
That's it. I was able to start Sguil and access servers.
0 komentar:
Posting Komentar