SNORT 101 - Rules Basics.txt

Version 1

    The good news is, most IDS appliances have a rules builder.  HOWEVER...

    You need to understand the basics of rule creation so that when you look at a pre-built rule, you understand what it is supposed to do.  If you get to know them well enough, you can tweak them in place rather than having to delete the rule, and re-run the rule builder from scratch.  Here is an intro to SNORT.