This is the official Snort FAQ/Wiki repository. It was moved from the Snort.org site to Github to allow people to contribute to it through pull requests.
To checkout all the files:
git clone git://github.com/vrtadmin/snort-faq.git
What is the relationship between Snort and Sourcefire?
What is the role of the Sourcefire Vulnerability Research Team (VRT)?
I'm not receiving alerts in Snort
I'm receiving an error regarding IP Datagram length, what is the problem?
What is the mailing list etiquette?
How do I submit questions about Snort?
How do I ask a good question on the Snort list?
What if I do not wish to register?
Will my information be shared with any other parties or used for marketing?
How can I provide feedback or suggestions for the site?
How can I find a user group in my area?
What if there isn't a local group?
What are Sourcefire VRT Certified Rules?
Why are rules commented out by default?
Resolving Flowbit Dependancies
What does having a Sourcefire VRT subscription entitle me to?
Do I have to subscribe to receive Sourcefire VRT rules?
How much does a subscription cost?
If I purchase a subscription, can I deploy the rules on more than one sensor?
Can I use tools such as PulledPork to manage the subscription?
Where do I go to subscribe to the Sourcefire VRT Certified Ruleset?
What is the Sourcefire VRT Certified Rules License Agreement?
What is the Snort Integrator License from Sourcefire?
How is the Snort software licensed?
Why are the rules licensed separately from the software?
What license is used if I contribute code for the Snort Engine?
What license is used if I contribute a rule for Snort?
All the READMEs from the Snort tarball are uploaded here for simple indexing and reading.