Patriot NG

[JoeN]

Patriot is a 'Host IDS' tool which allows real time monitoring of changes in Windows systems or Network attacks.

Patriot monitors:
Changes in Registry keys: Indicating whether any sensitive key (autorun, internet explorer settings...) is altered.
New files in 'Startup' directories
New Users in the System
New Services installed
Changes in the hosts file
New scheduled jobs
Alteration of the integrity of Internet Explorer: (New BHOs, configuration changes, new toolbars)
Changes in ARP table (Prevention of MITM attacks)
Installation of new Drivers
New Netbios shares
TCP/IP Defense (New open ports, new connections made by processes, PortScan detection...)
Files in critical directories (New executables, new DLLs...)
New hidden windows (cmd.exe / Internet Explorer using OLE objects)
Netbios connections to the System
ARP Watch (New hosts in your network)
NIDS (Detect anomalous network traffic based on editable rules)

Patriot NG 2.01 32bit Windows XP, Windows Vista, Windows 7 (32Bits)

Patriot NG 2.01 64bit Windows XP, Windows Vista, Windows 7 (64Bits)

 

[Tweak]

Interesting, tried it? Likes and dislikes? Reviews you've seen/read? Kinda makes me think of WinPatrol in the real-time aspect of some of the monitoring.

 

[Deleted member 178]

me too, look like a evolved version of winpatrol ^^ i will try it.

 

[jamescv7]

Screenshots Link

Homepage

 

[Deleted member 178]

ok....

13h20 : installed
13h21 : tested, work fine, check the cpu usage : 42% (stopper-file.exe)
13h22: removed

dont know if only happened to me, but the cpu usage is far too HUGE for me

 

[McLovin]

Looks interesting, if it going to be big on CPU I might have to try it at TAFE and then see how it is.

 

[Deleted member 178]

i read other threads about it, the excessive cpu usage is also reported.