Patriot-Linux - Host IDS For Desktop Users
Patriot Linux is a HIDS for desktop users who wants real time graphical alerts when something suspicious happens
Patriot detect:
1- Suspicious process running
2- New process starting TCP/IP Connection
3- Auditd alerts
4- New keyboards plugged
Installation
You need to configure Auditd with this suggested rules https://github.com/Neo23x0/auditd (you can use your own rules and simply modify keywords in the code)
Install xinput (apt install xinput or yum install xorg-x11-server-utils)
And then simply download py files and run python3 patriot.py
Tested in CentOS/Fedora and Debian/Ubuntu
Patriot-Linux - Host IDS For Desktop Users
Reviewed by Zion3R
on
5:30 PM
Rating:
![Patriot-Linux - Host IDS For Desktop Users](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT9SLjWcbbZD99jYsf9uUFv6cm3fyD7etRWfklq_k7_DSXhEoSQmmjG8RiZgB9ViCeuJekUFFr4WYMd1naIEi3_vN1ArzkzUhBH7gw0pK2aFb7AHI8D0pQiE11vuwubFB8dglCPOU8ZsiD/s72-c/Patriot-Linux_1_patriot3.png)