Categories

Integrating NetWitness and Sguil – Take Two

We have finished up our first round of testing against the modified version of the Sguil client (we have modified the 0.7.0 CVS version). Using the alert information displayed in the Sguil client we create a query and feed it into the NetWitness API through a vbscript which calls explorer.exe and passes it a NetWitness [...]

Integrating NetWitness and Sguil – Take One

We will be deploying NetWitness soon and we have been looking at how to leverage it for the packet capture portion of our new centralized Sguil deployment instead of sancp or daemonlogger. We have come up with a way, albeit a bit hackish, of modifying the Sguil client to allow you to view [...]