wildcards in rules?

["Sheahan, Paul" <Paul.Sheahan () priceline com>]

I'm looking to use Snort to find a string of numbers that begin with a
known group of numbers, but end with unknown numbers.

 

Example:

 

I want Snort to alert if it sees a number like 8976**** in a packet
where **** can be any numbers. Can this be done with Snort? I couldn't
find much on wildcards but did read in a few places that Snort has
limited wildcard support.

 

 

Thanks,

Paul