Appendix B. Rule Documentation

This appendix lays out a basic description for the Snort ruleset contained in the Snort distribution. Descriptions are grouped by rule classification type.

Note

Remember to take into account the business situation in which a rule will be applied. If the classification in this Appendix does not match your needs, feel free to change it. You can always change the classification for any rule by using the methods outlined in Chapter 11, “Real Time Alerting.”

Get Intrusion Detection with Snort now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.