Sguil 0.70 and Wireshark 1.0.0 Released

Monday, March 31st, 2008

It seems a bit late to announce both releases. After a long development process and beta testing, Sguil 0.7.0 has finally been released. It does not take long to get modsec2sguil working with the latest release either. I have not upgraded my Sguil installation to 0.70 yet, but it won't take me long to do that, because I plan to upgrade the hard disk as well, so everything will be a fresh installation, including the OS, FreeBSD 7.0.

In my opinion, every network analyst should become familiar with these two tools, especially Wireshark. In this new version the Wireshark team has fixed a few security vulnerabilities, and there is an experimental package for Mac OS X on Intel as well.

Besides these releases, I recently did a small upgrade from FreeBSD 6.2R to FreeBSD 6.3R, which I refer to here. This only applies if you are running the GENERIC FreeBSD kernel: as the warning in the output below shows, freebsd-update leaves a custom kernel untouched, and you must update that kernel manually before running the install step.

[[email protected] /]# fetch http://people.freebsd.org/~cperciva/freebsd-update-upgrade.tgz

[[email protected] /]# fetch http://people.freebsd.org/~cperciva/freebsd-update-upgrade.tgz.asc

[[email protected] /]# gpg --verify freebsd-update-upgrade.tgz.asc freebsd-update-upgrade.tgz

[[email protected] /]# tar -xf freebsd-update-upgrade.tgz

[[email protected] /]# sh freebsd-update.sh -f freebsd-update.conf -r 6.3-RELEASE upgrade
Looking up update.FreeBSD.org mirrors... 1 mirrors found.
Fetching metadata signature for 6.2-RELEASE from update1.FreeBSD.org... done.
Fetching metadata index... done.
Fetching 1 metadata files... done.
Inspecting system... done.

WARNING: This system is running a "nsm-smpkernel-generic" kernel, which is not a
kernel configuration distributed as part of FreeBSD 6.2-RELEASE.
This kernel will not be updated: you MUST update the kernel manually
before running "freebsd-update.sh install".

The following components of FreeBSD seem to be installed:
src/base src/bin src/contrib src/crypto src/etc src/games src/gnu
src/include src/krb5 src/lib src/libexec src/release src/rescue src/sbin
src/secure src/share src/sys src/tools src/ubin src/usbin world/base
world/catpages world/manpages

The following components of FreeBSD do not seem to be installed:
kernel/generic kernel/smp world/dict world/doc world/games world/info
world/proflibs

Does this look reasonable (y/n)? y

Fetching metadata signature for 6.3-RELEASE from update1.FreeBSD.org... done.
Fetching metadata index... done.
Fetching 1 metadata patches. done.
Applying metadata patches... done.
Fetching 1 metadata files... done.
Inspecting system... done.
Preparing to download files... done.
Fetching 6233 patches.....10....20....30.................6230. done.
Applying patches... done.
Fetching 647 files... done.

The following files will be removed as part of updating to 6.3-RELEASE-p1:
/usr/share/examples/netgraph/bluetooth/rc.bluetooth
/usr/share/man/cat3/archive_read_set_bytes_per_block.3.gz
/usr/share/man/cat3/archive_write_prepare.3.gz
/usr/share/man/cat4/kame.4.gz
/usr/share/man/man3/archive_read_set_bytes_per_block.3.gz
/usr/share/man/man3/archive_write_prepare.3.gz
/usr/share/man/man4/kame.4.gz
/usr/share/zoneinfo/Africa/Asmera
......

[[email protected] /]# sh freebsd-update.sh -f freebsd-update.conf install
[[email protected] /]# shutdown -r now

[[email protected] /]# sh freebsd-update.sh -f freebsd-update.conf install
[[email protected] /]# shutdown -r now
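The session above runs gpg --verify but nothing stops if the signature check fails, and a custom kernel only shows up as a warning once the upgrade is already under way. As an added example (not code from the original post), this POSIX sh pre-flight wrapper gates extraction on a successful signature check and refuses to start on a non-GENERIC kernel; the preflight.sh name, the release argument and the use of the kern.ident sysctl for the kernel name are my assumptions.

```shell
# Added example, not from the original post: pre-flight wrapper for the
# freebsd-update.sh upgrade above. It extracts the tarball only if its GPG
# signature verifies, and refuses to start on a non-GENERIC kernel, which
# freebsd-update leaves untouched (see the WARNING in the session above).
# Assumed: saved as preflight.sh and given the target release as argument 1.
set -eu
BASE_URL="http://people.freebsd.org/~cperciva"
TARBALL="freebsd-update-upgrade.tgz"

# Constructed excerpt of the inspection output, modelled on the session above.
SAMPLE_INSPECT_OUTPUT='Inspecting system... done.
WARNING: This system is running a "nsm-smpkernel-generic" kernel, which is not a
kernel configuration distributed as part of FreeBSD 6.2-RELEASE.
This kernel will not be updated: you MUST update the kernel manually'

# 0 if the ident names a stock 6.x kernel (GENERIC or SMP, the kernel/* components
# freebsd-update lists); on a live system pass "$(sysctl -n kern.ident)".
ident_is_generic() {
    case "$1" in
        GENERIC|SMP) return 0 ;;
        *) return 1 ;;
    esac
}

# 0 if inspection output on stdin carries the custom-kernel warning.
output_warns_custom_kernel() {
    grep -q 'This kernel will not be updated'
}

# Fetch tarball and detached signature; the session above runs gpg --verify
# but nothing acts on its result, so here a failure stops the extraction.
fetch_and_verify() {
    fetch "$BASE_URL/$TARBALL" "$BASE_URL/$TARBALL.asc"
    if ! gpg --verify "$TARBALL.asc" "$TARBALL"; then
        echo "signature check FAILED; not extracting $TARBALL" >&2
        return 1
    fi
    tar -xf "$TARBALL"
}

main() {
    release="${1:?usage: sh preflight.sh <release, e.g. 6.3-RELEASE>}"
    if ! ident_is_generic "$(sysctl -n kern.ident)"; then
        echo "custom kernel: update it manually before 'freebsd-update.sh install'" >&2
        exit 1
    fi
    fetch_and_verify
    sh freebsd-update.sh -f freebsd-update.conf -r "$release" upgrade
}
[ "$#" -gt 0 ] && main "$@"   # sourcing the file only defines the functions
```

gpg --verify only succeeds once the signer's public key has been imported into root's keyring, so import and check that key before relying on this wrapper.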