Security onion sguil client for windows
552 views
Skip to first unread message
Muhd Haziq
Jul 14, 2015, 9:25:17 PM7/14/15
to securit...@googlegroups.com
Although i know there is a way for me to remote access or just install security onion to access, i prefer the sguil client.. is there any way cos i find on internet the sguil client is outdated.. if there is any way i can still use sguil client.. pls explain...if not...nvm
Doug Burks
Jul 15, 2015, 5:18:20 AM7/15/15
to securit...@googlegroups.com
If you want the *stock* Sguil client, you should be able to install
tcl/tk on Windows, then download Sguil from here:
https://github.com/bammv/sguil/releases/tag/v0.9.0
If you have questions or problems with the *stock* Sguil client, then
you should use the Sguil mailing list:
http://bammv.github.io/sguil/contact.html
If you instead want the "Security Onion Sguil client" (per the subject
of this thread), then I'd recommend installing Security Onion in a VM:
https://github.com/Security-Onion-Solutions/security-onion/wiki/ConnectingtoSguil#directly-connecting-to-sguild-remotely
On Tue, Jul 14, 2015 at 9:25 PM, Muhd Haziq <s961...@gmail.com> wrote:
> Although i know there is a way for me to remote access or just install security onion to access, i prefer the sguil client.. is there any way cos i find on internet the sguil client is outdated.. if there is any way i can still use sguil client.. pls explain...if not...nvm
>
> --
> You received this message because you are subscribed to the Google Groups "security-onion" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
> To post to this group, send email to securit...@googlegroups.com.
> Visit this group at http://groups.google.com/group/security-onion.
> For more options, visit https://groups.google.com/d/optout.
--
Doug Burks
Need Security Onion Training or Commercial Support?
http://securityonionsolutions.com
tcl/tk on Windows, then download Sguil from here:
https://github.com/bammv/sguil/releases/tag/v0.9.0
If you have questions or problems with the *stock* Sguil client, then
you should use the Sguil mailing list:
http://bammv.github.io/sguil/contact.html
If you instead want the "Security Onion Sguil client" (per the subject
of this thread), then I'd recommend installing Security Onion in a VM:
https://github.com/Security-Onion-Solutions/security-onion/wiki/ConnectingtoSguil#directly-connecting-to-sguild-remotely
On Tue, Jul 14, 2015 at 9:25 PM, Muhd Haziq <s961...@gmail.com> wrote:
> Although i know there is a way for me to remote access or just install security onion to access, i prefer the sguil client.. is there any way cos i find on internet the sguil client is outdated.. if there is any way i can still use sguil client.. pls explain...if not...nvm
>
> You received this message because you are subscribed to the Google Groups "security-onion" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
> To post to this group, send email to securit...@googlegroups.com.
> Visit this group at http://groups.google.com/group/security-onion.
> For more options, visit https://groups.google.com/d/optout.
--
Doug Burks
Need Security Onion Training or Commercial Support?
http://securityonionsolutions.com
Daniel
Jul 16, 2015, 7:22:24 AM7/16/15
to securit...@googlegroups.com
I can never get the Windows client to work. I use an x-Windows emulator like mobaxterm, ssh -X into my server, and run sguil.tk like I'm local. All the GUI Windows should be sent back to your management station.
Message has been deleted
Doug Burks
Jul 16, 2015, 2:49:47 PM7/16/15
to securit...@googlegroups.com
On Thu, Jul 16, 2015 at 7:22 AM, Daniel <noghri...@gmail.com> wrote:
> I can never get the Windows client to work. I use an x-Windows emulator like mobaxterm, ssh -X into my server, and run sguil.tk like I'm local. All the GUI Windows should be sent back to your management station.
Yes, that's an option and it's described here:
> I can never get the Windows client to work. I use an x-Windows emulator like mobaxterm, ssh -X into my server, and run sguil.tk like I'm local. All the GUI Windows should be sent back to your management station.
https://github.com/Security-Onion-Solutions/security-onion/wiki/ConnectingtoSguil#connect-remotely-via-ssh-w-x11-forwarding
However, X Forwarding can be slow, which is why I prefer to install
Security Onion in a VM and use its local Sguil client to connect to
the server:
https://github.com/Security-Onion-Solutions/security-onion/wiki/ConnectingtoSguil#directly-connecting-to-sguild-remotely
Muhd Haziq
Jul 19, 2015, 8:07:09 AM7/19/15
to securit...@googlegroups.com
thks anyway doug burks i think i just proceed with remote access with xrdp.. and i manage to do it
Tim Whisnant
Jul 19, 2015, 10:46:28 AM7/19/15
to securit...@googlegroups.com
Virtual box with the latest security onion ISO set to seamless mode hides the Ubuntu desktop. You should be able to launch squil from the drop down menu. Update the VM for patching, works well for me.
Reply all
Reply to author
Forward
0 new messages