Monday, January 9, 2006


Here's a couple free tools that are valuable to have...

Richard Bejtlich (Tao Security) has developed a Squil VM that you can run using VMware's VMware Player.

If you're interested in learning about Snort, Sguil, VMware, or any of the other tools that Richard as gathered into the VM, this is a good collection of tools with which to experiment. (I've always had trouble getting Sguil up and running.) Thanks Richard!

Update: Richard's follow-on posts about the VM are also valuable. Be sure to read: this, this, this and this.