Sunday, February 13, 2011

Patriot NG 2.0 released

Patriot NG is a 'Host IDS' tool that monitors Windows systems in real time for changes and network attacks. It is available for Windows XP, Windows Vista and Windows 7 (32-bit and 64-bit).

Patriot monitors:

  • Changes in Registry keys: indicates whether any sensitive key (autorun, Internet Explorer settings...) is altered.
  • New files in 'Startup' directories
  • New Users in the System
  • New Services installed
  • Changes in the hosts file
  • New scheduled jobs
  • Alteration of the integrity of Internet Explorer: (New BHOs, configuration changes, new toolbars)
  • Changes in ARP table (Prevention of MITM attacks)
  • Installation of new Drivers
  • New Netbios shares
  • TCP/IP Defense (New open ports, new connections made by processes, PortScan detection...)
  • Files in critical directories (New executables, new DLLs...)
  • New hidden windows (cmd.exe / Internet Explorer using OLE objects)
  • Netbios connections to the System
  • ARP Watch (New hosts in your network)
  • NIDS (Detect anomalous network traffic based on editable rules)



Video demo:

1 comment:

Yago Jesus said...

Thanks a lot for your review. Cheers