- May 10, 2011
- 316
Patriot is a 'Host IDS' tool which allows real time monitoring of changes in Windows systems or Network attacks.
Patriot monitors:
Changes in Registry keys: Indicating whether any sensitive key (autorun, internet explorer settings...) is altered.
New files in 'Startup' directories
New Users in the System
New Services installed
Changes in the hosts file
New scheduled jobs
Alteration of the integrity of Internet Explorer: (New BHOs, configuration changes, new toolbars)
Changes in ARP table (Prevention of MITM attacks)
Installation of new Drivers
New Netbios shares
TCP/IP Defense (New open ports, new connections made by processes, PortScan detection...)
Files in critical directories (New executables, new DLLs...)
New hidden windows (cmd.exe / Internet Explorer using OLE objects)
Netbios connections to the System
ARP Watch (New hosts in your network)
NIDS (Detect anomalous network traffic based on editable rules)
Patriot NG 2.01 32bit Windows XP, Windows Vista, Windows 7 (32Bits)
Patriot NG 2.01 64bit Windows XP, Windows Vista, Windows 7 (64Bits)