ids:snort:snort_rule_format
This is an old revision of the document!
Table of Contents
IDS - Snort - Snort Rule Format
Snort Rule Header
| Action | Protocol | Source Address | Source Port | Direction | Destination Address | Destination Port |
NOTE:
- Action:
- alert: Display an alert.
- log: Write to Log.
- Direction:
- →: Inwards.
- ←: Outwards.
- <>: Either direction.
Sample Rule
alert tcp any 21 -> 192.168.1.123 any (msg: "TCP Packet is Detected";sid:100010)
NOTE: This is comprised of the:
- Rule Header:
- Rule Option:
ids/snort/snort_rule_format.1627289002.txt.gz · Last modified: 2021/07/26 08:43 by peter