I know we have alot of people using BASE here but i would like to see the perfect 'sguil' setup. Sguil is rather vague to me
Yes I am. From what I understand I think it includes Snort and has hooks into p0f and some other types of devices....?
I would be interested in seeing this as well. I have tried compiling SGUIL a couple times, but the build always complains that TCL is threaded. That is using apt-get under Ubuntu 6.06.1. I think that I tried building it from source once as well and got the same error, so it may be that an older version is needed?