RuggedRouter® User Guide
Rulesets
The Rulesets section selects the rules to apply on monitored interfaces.
Each “ruleset” reflects a collection of rules that are related. The link under the Action
field will disable or enable all of the rules in a ruleset. Individual rules in a ruleset
may be modified by following the set name link under the Rule Set field, resulting in
a menu such as the following.
Figure 218: Snort Ruleset Edit
Each rule can be individually enabled, disabled or deleted. Most rules will include a
reference link to more information about the vulnerability the rule detects.
It is possible to add your own rule, or one obtained from the open source community
(e.g. www.bleedingsnort.com).
Rule Lookup by SID
The Look Up Rule button accepts a SID and displays its rule. You may elect to
disable the rule or learn more information about it.
250 RuggedCom
Figure 217: Snort Main Menu part 3