HI folks, I discovered this tool during a Windows PC configuration for a man. He wanted use his own PC in coffe bars and in a public places using WiFi technologies. He has worried about security because he known something about wireless' (in)security. So surfing on web I discovered this extremely easy, fast and lite IDS (or maybe it's better to say: "LOGS watcher" ) called DecaffeinatID.
It has 3 main capabilities :
1) Arp Watcher. It looks inside the windows ARP table and alerts you when the mac address of your gateway change.
2) Security Log's Watcher. If someone is attempting to your host security, fighting whit the host's security policies, the Security Log will change and DecaffeiatID sends an alert to you.
3) Firewall Log's Watcher. Agin, if something strange happen, where strange means against your firewall rules, it's able to look into firewall logs showing up what's going on.
I'm glad to have founded that software, I know it's not complete and powerful such snort (or similar) but it's really fast to use, pretty much intuitive; to configure-it look here, and light for the system resources.