I think I had posted on here ages ago asking how to create an Intrustion Detection System just using DOS commands in a batch file. Well, I actually wrote this awhile back and figured I should post it. It's not meant as a serious security tool, mainly just a learning experience for the curious newb (aka me).

The basic concept is to leave the program running at night, at a time when you are not using the computer, to check for differences in connections. The code is pretty self-explanatory.

@ECHO OFF
CLS
ECHO Written by Blithendell.
ECHO http://www.antionline.com/
ECHO.
ECHO Your current connections..
NETSTAT
ECHO.
ECHO Check C:\NIGHTWATCHLOG.TXT to see if any intrusion attempts occured.
PAUSE
ECHO Original connections..>C:\NIGHTWATCHLOG.TXT
NETSTAT>>C:\NIGHTWATCHLOG.TXT
ECHO.>>C:\NIGHTWATCHLOG.TXT
DATE /T>>C:\NIGHTWATCHLOG.TXT
TIME /T>>C:\NIGHTWATCHLOG.TXT
NETSTAT>C:\NETLOG1.TXT
ECHO.
ECHO.
ECHO.
ECHO Currently scanning for intruders..
:MAIN
NETSTAT>C:\NETLOG2.TXT
FC C:\NETLOG1.TXT C:\NETLOG2.TXT>>C:\FILELOG.TXT
IF ERRORLEVEL 1 GOTO :ALERT
GOTO :MAIN
:ALERT
ECHO.>>C:\NIGHTWATCHLOG.TXT
ECHO Intrusion attempt detected!>>C:\NIGHTWATCHLOG.TXT
ECHO Compare the above and below entries to indentify the intruder.>>C:\NIGHTWATCHLOG.TXT
NETSTAT>>C:\NIGHTWATCHLOG.TXT
ECHO.>>C:\NIGHTWATCHLOG.TXT
DATE /T>>C:\NIGHTWATCHLOG.TXT
TIME /T>>C:\NIGHTWATCHLOG.TXT
DEL C:\FILELOG.txt
DEL C:\NETLOG1.txt
DEL C:\NETLOG2.txt
SHUTDOWN -s -t 10