Some reading before starting: Before setting out, getting some basic concepts about snort is important. This deployment with be in Network Intrusion Detection System (NIDS) mode – which performs detection and analysis on traffic. See other options and nice and concise introduction:  http://manual.snort.org/node3.html. Rule application order: activation->dynamic->pass->drop->sdrop->reject->alert->log Again drawing from the snort manual some basic understanding of snort alerts can be found:

116 –  Generator ID, tells us what component.. Read More