Finally version 1.0 was an update aimed at working on the new windows systems and a sieve of functionalities that no longer made much sense (dialers and things like that). I definitely appeased the big improvements for a 2.x branch, a moment that has finally arrived.
We launch Patriot 2.0 NG! In this version the first thing that draws attention is that it has been 'internationalized', passing both the web and the interface to English, however there is a manual in perfect Spanish to facilitate the use to those who are not too ducho in English.
At a technical level, the two great improvements that version 2.0 brings is that, it begins to do things with the network, in particular we have added an 'ARPWatch' part that allows you to monitor (and block) new equipment that connects to the network in which you are. Utilities? A boat can soon be used to identify intruders on Wifi networks that have been connected without authorization.
Secondly, and perhaps the most interesting improvement, is the inclusion of a NIDS module very much in the style of Snort (bridging the gaps). The idea of putting a NIDS is mainly motivated to detect threats of type 0day or those for which there are still no patches. Specifically, there is already a signature to detect and block attacks via metasploit of the famous exploit 'css import' as well as others.
The goal is NOT to have a lot of signatures with attacks from 2008 or oriented to Unix systems, the idea is to handle a set of updated (and updatable) rules that serve as a defense against attacks that are at their peak.
Functions:
