[Snort-users] Rules description?

Brian Caswell bmc at ...312...
Mon Jan 29 14:59:18 EST 2001

Beckster wrote:
> Hi All,
> Has anyone ever written a "description list" or explanations of what
> the different rules mean?

Its a waste of space to include an explanation of the rule inside of the
rule.  A reference to a seperate page would be better.

Something that is in the works is a rewrite of the output plugin to add
support for references.

"reference:CVE,2000-0210" can map to

"reference:ARACHNIDS,294" can map to

"reference:URL,http://somewebsite.com" can map to http://somewebsite.com


More information about the Snort-users mailing list