Thanks for a great initial response to Trisul.
We have a new release ready for download. Please login or sign up to download the packages. Remember Trisul is totally free if you are monitoring a 3-day recent window.
Release highlights
Several bug fixes, tweaks, and a couple of new exciting features.
New Features
Payload search
You can now specify a text or binary pattern or even upload a file and search for matches. Trisul will reassemble and check all TCP streams in both directions for a match. It will present all TCP flows that match – you can then pull the packets into Wireshark or Unsniff for further analysis.
Daily usage calendar
You can now display daily totals for any meters for any item on a calendar. For example you can show on a monthly calendar
- Total Bytes / In
- Total Bytes / Out
- Total Connection
- Total Alerts
for a Host like shadyguy.mycompany.com
Updates
- Resource extraction code has been enhanced. Trisul will log all URLs requested including parameters as before but will do it 2x faster.
- Admin can now reset passwords of other users
- Web interface will always use the correct packaged version of Ruby.
- Minor bugs
- Tweaks including verbiage on many pages
- Enhancements to Trisul Remote Protocol
Screencasts & Demo server
Also, check out our screencasts page at Screenr . These screencasts are also on Youtube at a lower quality.
We also have a demo server up at http://trisul.org:3000 – please leave a message in the forum if you would like to check it out. We will send you a username and password. It is hosted on a small linode and wont be able to take more than a handful of users at once.
