Snort and creating new classtypes

[Matthew Wagenknecht <Matthew.Wagenknecht () quantum com>]

In the snort rules, a number of virus rules have misc-activity. I want to
move all virus signatures to a new classtype called virus. I created a new
line in classifications.config like the following::

config classification: virus,Virus Detection,1

However when in ACID, it shows up under unclassified. Is there something
else I need to do or is this and ACID issue?



..:: Matt ::..