Skip to content
This repository
branch: master
SourcefireVRT
file 211 lines (105 sloc) 11.175 kb

Snort FAQ/Wiki

This is the official Snort FAQ/Wiki repository. It was moved from the Snort.org site to Github to allow people to contribute to it through pull requests.

To checkout all the files:

git clone git://github.com/vrtadmin/snort-faq.git

FAQ Pages

What is Snort?

What is Open Source?

What can I do with Snort?

Where can I download Snort?

What is the relationship between Snort and Sourcefire?

Does Sourcefire sell Snort?

What is a Snort Integrator?

What is the role of the Sourcefire Vulnerability Research Team (VRT)?

I'm not receiving alerts in Snort

I'm receiving an error regarding IP Datagram length, what is the problem?

Lists

What is the mailing list etiquette?

How do I submit questions about Snort?

How do I ask a good question on the Snort list?

Snort.org

What is a registered user?

Why do I need to register?

What if I do not wish to register?

Will my information be shared with any other parties or used for marketing?

How can I provide feedback or suggestions for the site?

How can I find a user group in my area?

What if there isn't a local group?

Rules

What is a Snort rule?

What is a signature?

What is a vulnerability?

What is an exploit?

What is a protocol?

What are Community Rules?

What are Sourcefire VRT Certified Rules?

What is a user-defined rule?

Why are rules commented out by default?

How are rules distributed?

Resolving Flowbit Dependancies

Sourcefire VRT Subscription

What does having a Sourcefire VRT subscription entitle me to?

Do I have to subscribe to receive Sourcefire VRT rules?

How much does a subscription cost?

If I purchase a subscription, can I deploy the rules on more than one sensor?

Can I use tools such as PulledPork to manage the subscription?

Where do I go to subscribe to the Sourcefire VRT Certified Ruleset?

Licensing

What is the GNU GPL?

What is the Sourcefire VRT Certified Rules License Agreement?

What is the Snort Integrator License from Sourcefire?

How is the Snort software licensed?

Why are the rules licensed separately from the software?

What license is used if I contribute code for the Snort Engine?

What license is used if I contribute a rule for Snort?

Docs

All the READMEs from the Snort tarball are uploaded here for simple indexing and reading.

README.GTP

README.PLUGINS

README.PerfProfiling

README.SMTP

README.UNSOCK

README.WIN32

README.active

README.alert_order

README.asn1

README.counts

README.csv

README.daq

README.dcerpc2

README.decode

README.decoder_preproc_rules

README.dnp3

README.dns

README.event_queue

README.file

README.file_ips

README.filters

README.flowbits

README.frag3

README.ftptelnet

README.gre

README.ha

README.http_inspect

README.imap

README.ipip

README.ipv6

README.modbus

README.multipleconfigs

README.normalize

README.pcap_readmode

README.pop

README.ppm

README.reload

README.reputation

README.rzb_saac

README.sensitive_data

README.sfportscan

README.sip

README.ssh

README.ssl

README.stream5

README.tag

README.thresholding

README.unified2

README.variables

Something went wrong with that request. Please try again.