The April 2004 issue of Sys Admin magazine features an article I wrote titled "Integrating the Network Security Monitoring Model." Sys Admin summarizes it by saying: "This article examines intrusion detection through an operational model called network security monitoring (NSM). Bejtlich explains NSM theory and introduces several tools to integrate NSM concepts into existing systems." I imagine the April issue will be on newsstands within the next few weeks.
After the article has been in print for a while, I will make a copy available in .pdf form at www.taosecurity.com.
I am still working on upgrading the Sguil installation procedure to use MySQL 4.0.x (probably 4.0.18), along with the newest versions of several of its Tcl components. I'd really like to include a release version of the new Barnyard as well.