I'd like my Snort IDS to log all traffic from any IP address on any port that comes to my machine through any well-known port. I've set up my snort.conf file appropriately and saved the following rule in the rules folder:
log tcp any any -> 192.168.100.65 53639
In a command prompt window, I've tried various commands:
snort -i4 -c C:\Snort\etc\snort.conf -A console
snort -i4 -c C:\Snort\etc\snort.conf -A console > C:\Snort\log\test.txt
both of which created empty files in the log folder, which were deleted once I hit Ctrl+C to stop the snort process, most likely because no information was logged to them.
If you can provide any pointers, I'd really appreciate it.