Main Page

From NSMWiki
Jump to: navigation, search
Welcome to NSMWiki,
the official wiki for the Sguil Project.
927 users have contributed 76 articles. Thank you!

New to Sguil? Check out this overview and some installation guides. You might also want to read the FAQ.

Tools in the Sguil Suite

Other NSM Tools

The practice of Network Security Monitoring (NSM) is so broad that it encompasses both traditional IDS/IPS and other network information gathering techniques, all focused on providing an intrusion analyst with the best possible information in the shortest amount of time. NSMWiki was started by a group of analysts, is written by analysts and it's sole purpose is to help analysts. As it is sponsored by the Sguil project, there is obviously a lot of Sguil-specific information here. However, not everyone who does NSM uses Sguil (we're working on that). Consequently, we view NSMWiki as more of a general NSM resource.

Like any other Wiki (e.g., Wikipedia), NSMWiki is a collaborative environment for sharing all sorts of IDS- and NSM-related information. Anyone is free to read and contribute as they see fit. Please do try to keep things on topic. Anything vaguely related to NSM, IDS, traffic analysis or other network security topic is fair game. Just by visiting NSMWiki, you're already helping to make it a popular source of information about NSM. Thank you.

If you're interested in doing more, the best thing you could do is to contribute something. If you know of a subject that needs to be covered here, feel free to write about it in the wiki. If you're not sure what topic to start with, you can always start with one of our Wanted Pages.

One thing I would like is to have a nice Sguil-specific skin for the wiki. Nothing gaudy or fancy, but something that's not just the standard MediaWiki default. If you've got some graphic design skills and would like to help, contact me.

Thanks to our special friends: I've been having a running battle with some wiki spammers in the last few weeks, the result of which is that I have installed a new reCAPTCHA system on NSMWiki. New users will now be required to pass the CAPTCHA test to prove that they are humans. In order to try to keep the annoyance level to a minimum, I have configured things so that normal wiki edits will not require CAPTCHA tests, but if you try to insert a new URL into any page, you will see one.

Sorry for the annoyance, and thanks for bearing with me while I solved this.