diff --git a/Cyberarms-Release-2.2.0.zip b/Cyberarms-Release-2.2.0.zip
new file mode 100644
index 0000000..f81cf3b
Binary files /dev/null and b/Cyberarms-Release-2.2.0.zip differ
diff --git a/Cyberarms.Agents.Bind9/Cyberarms.Agents.Bind9.csproj b/Cyberarms.Agents.Bind9/Cyberarms.Agents.Bind9.csproj
index 7281bc4..9a66a91 100644
--- a/Cyberarms.Agents.Bind9/Cyberarms.Agents.Bind9.csproj
+++ b/Cyberarms.Agents.Bind9/Cyberarms.Agents.Bind9.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.Agents.Bind9</RootNamespace>
     <AssemblyName>Cyberarms.Agents.Bind9</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
     <SccLocalPath>SAK</SccLocalPath>
@@ -108,4 +108,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.Agents.Bind9/bin/Release/Cyberarms.Agents.Bind9.dll b/Cyberarms.Agents.Bind9/bin/Release/Cyberarms.Agents.Bind9.dll
new file mode 100644
index 0000000..01ad751
Binary files /dev/null and b/Cyberarms.Agents.Bind9/bin/Release/Cyberarms.Agents.Bind9.dll differ
diff --git a/Cyberarms.Agents.Bind9/bin/Release/Cyberarms.Agents.Bind9.pdb b/Cyberarms.Agents.Bind9/bin/Release/Cyberarms.Agents.Bind9.pdb
new file mode 100644
index 0000000..caf54c6
Binary files /dev/null and b/Cyberarms.Agents.Bind9/bin/Release/Cyberarms.Agents.Bind9.pdb differ
diff --git a/Cyberarms.Agents.Bind9/bin/Release/mscorlib.dll b/Cyberarms.Agents.Bind9/bin/Release/mscorlib.dll
new file mode 100644
index 0000000..2e8c900
Binary files /dev/null and b/Cyberarms.Agents.Bind9/bin/Release/mscorlib.dll differ
diff --git a/Cyberarms.Agents.Bind9/bin/Release/normidna.nlp b/Cyberarms.Agents.Bind9/bin/Release/normidna.nlp
new file mode 100644
index 0000000..5a69df1
Binary files /dev/null and b/Cyberarms.Agents.Bind9/bin/Release/normidna.nlp differ
diff --git a/Cyberarms.Agents.Bind9/bin/Release/normnfc.nlp b/Cyberarms.Agents.Bind9/bin/Release/normnfc.nlp
new file mode 100644
index 0000000..f198144
Binary files /dev/null and b/Cyberarms.Agents.Bind9/bin/Release/normnfc.nlp differ
diff --git a/Cyberarms.Agents.Bind9/bin/Release/normnfd.nlp b/Cyberarms.Agents.Bind9/bin/Release/normnfd.nlp
new file mode 100644
index 0000000..16e88e1
Binary files /dev/null and b/Cyberarms.Agents.Bind9/bin/Release/normnfd.nlp differ
diff --git a/Cyberarms.Agents.Bind9/bin/Release/normnfkc.nlp b/Cyberarms.Agents.Bind9/bin/Release/normnfkc.nlp
new file mode 100644
index 0000000..55406db
Binary files /dev/null and b/Cyberarms.Agents.Bind9/bin/Release/normnfkc.nlp differ
diff --git a/Cyberarms.Agents.Bind9/bin/Release/normnfkd.nlp b/Cyberarms.Agents.Bind9/bin/Release/normnfkd.nlp
new file mode 100644
index 0000000..b7386c4
Binary files /dev/null and b/Cyberarms.Agents.Bind9/bin/Release/normnfkd.nlp differ
diff --git a/Cyberarms.Agents.Bind9/bin/x86/Release/Cyberarms.Agents.Bind9.dll b/Cyberarms.Agents.Bind9/bin/x86/Release/Cyberarms.Agents.Bind9.dll
new file mode 100644
index 0000000..da54c30
Binary files /dev/null and b/Cyberarms.Agents.Bind9/bin/x86/Release/Cyberarms.Agents.Bind9.dll differ
diff --git a/Cyberarms.Agents.Bind9/bin/x86/Release/Cyberarms.Agents.Bind9.pdb b/Cyberarms.Agents.Bind9/bin/x86/Release/Cyberarms.Agents.Bind9.pdb
new file mode 100644
index 0000000..9da3939
Binary files /dev/null and b/Cyberarms.Agents.Bind9/bin/x86/Release/Cyberarms.Agents.Bind9.pdb differ
diff --git a/Cyberarms.Agents.Bind9/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.Agents.Bind9/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.Agents.Bind9/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.Agents.Bind9/obj/Release/Cyberarms.Agents.Bind9.csproj.FileListAbsolute.txt b/Cyberarms.Agents.Bind9/obj/Release/Cyberarms.Agents.Bind9.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..1c70ce5
--- /dev/null
+++ b/Cyberarms.Agents.Bind9/obj/Release/Cyberarms.Agents.Bind9.csproj.FileListAbsolute.txt
@@ -0,0 +1,10 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Bind9\bin\Release\Cyberarms.Agents.Bind9.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Bind9\bin\Release\Cyberarms.Agents.Bind9.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Bind9\obj\Release\Cyberarms.Agents.Bind9.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Bind9\obj\Release\Cyberarms.Agents.Bind9.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Bind9\bin\Release\mscorlib.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Bind9\bin\Release\normidna.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Bind9\bin\Release\normnfc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Bind9\bin\Release\normnfd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Bind9\bin\Release\normnfkc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Bind9\bin\Release\normnfkd.nlp
diff --git a/Cyberarms.Agents.Bind9/obj/Release/Cyberarms.Agents.Bind9.dll b/Cyberarms.Agents.Bind9/obj/Release/Cyberarms.Agents.Bind9.dll
new file mode 100644
index 0000000..01ad751
Binary files /dev/null and b/Cyberarms.Agents.Bind9/obj/Release/Cyberarms.Agents.Bind9.dll differ
diff --git a/Cyberarms.Agents.Bind9/obj/Release/Cyberarms.Agents.Bind9.pdb b/Cyberarms.Agents.Bind9/obj/Release/Cyberarms.Agents.Bind9.pdb
new file mode 100644
index 0000000..caf54c6
Binary files /dev/null and b/Cyberarms.Agents.Bind9/obj/Release/Cyberarms.Agents.Bind9.pdb differ
diff --git a/Cyberarms.Agents.Bind9/obj/x86/Release/Cyberarms.Agents.Bind9.csproj.FileListAbsolute.txt b/Cyberarms.Agents.Bind9/obj/x86/Release/Cyberarms.Agents.Bind9.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..b4376a2
--- /dev/null
+++ b/Cyberarms.Agents.Bind9/obj/x86/Release/Cyberarms.Agents.Bind9.csproj.FileListAbsolute.txt
@@ -0,0 +1,5 @@
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Bind9\bin\x86\Release\Cyberarms.Agents.Bind9.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Bind9\bin\x86\Release\Cyberarms.Agents.Bind9.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Bind9\obj\x86\Release\Cyberarms.Agents.Bind9.csprojResolveAssemblyReference.cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Bind9\obj\x86\Release\Cyberarms.Agents.Bind9.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Bind9\obj\x86\Release\Cyberarms.Agents.Bind9.pdb
diff --git a/Cyberarms.Agents.Bind9/obj/x86/Release/Cyberarms.Agents.Bind9.csprojResolveAssemblyReference.cache b/Cyberarms.Agents.Bind9/obj/x86/Release/Cyberarms.Agents.Bind9.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..3c40f71
Binary files /dev/null and b/Cyberarms.Agents.Bind9/obj/x86/Release/Cyberarms.Agents.Bind9.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.Agents.Bind9/obj/x86/Release/Cyberarms.Agents.Bind9.dll b/Cyberarms.Agents.Bind9/obj/x86/Release/Cyberarms.Agents.Bind9.dll
new file mode 100644
index 0000000..da54c30
Binary files /dev/null and b/Cyberarms.Agents.Bind9/obj/x86/Release/Cyberarms.Agents.Bind9.dll differ
diff --git a/Cyberarms.Agents.Bind9/obj/x86/Release/Cyberarms.Agents.Bind9.pdb b/Cyberarms.Agents.Bind9/obj/x86/Release/Cyberarms.Agents.Bind9.pdb
new file mode 100644
index 0000000..9da3939
Binary files /dev/null and b/Cyberarms.Agents.Bind9/obj/x86/Release/Cyberarms.Agents.Bind9.pdb differ
diff --git a/Cyberarms.Agents.FileMaker/Cyberarms.Agents.FileMaker.csproj b/Cyberarms.Agents.FileMaker/Cyberarms.Agents.FileMaker.csproj
index d862975..a02d7f1 100644
--- a/Cyberarms.Agents.FileMaker/Cyberarms.Agents.FileMaker.csproj
+++ b/Cyberarms.Agents.FileMaker/Cyberarms.Agents.FileMaker.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.Agents.FileMaker</RootNamespace>
     <AssemblyName>Cyberarms.Agents.FileMaker</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
     <SccLocalPath>SAK</SccLocalPath>
@@ -93,4 +93,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.Agents.FileMaker/bin/Release/Cyberarms.Agents.FileMaker.dll b/Cyberarms.Agents.FileMaker/bin/Release/Cyberarms.Agents.FileMaker.dll
new file mode 100644
index 0000000..9e26b44
Binary files /dev/null and b/Cyberarms.Agents.FileMaker/bin/Release/Cyberarms.Agents.FileMaker.dll differ
diff --git a/Cyberarms.Agents.FileMaker/bin/Release/Cyberarms.Agents.FileMaker.pdb b/Cyberarms.Agents.FileMaker/bin/Release/Cyberarms.Agents.FileMaker.pdb
new file mode 100644
index 0000000..1779249
Binary files /dev/null and b/Cyberarms.Agents.FileMaker/bin/Release/Cyberarms.Agents.FileMaker.pdb differ
diff --git a/Cyberarms.Agents.FileMaker/bin/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.Agents.FileMaker/bin/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..1647cea
Binary files /dev/null and b/Cyberarms.Agents.FileMaker/bin/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.Agents.FileMaker/bin/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.Agents.FileMaker/bin/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..0b7344f
Binary files /dev/null and b/Cyberarms.Agents.FileMaker/bin/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.Agents.FileMaker/bin/Release/Cyberarms.IntrusionDetection.Api.xml b/Cyberarms.Agents.FileMaker/bin/Release/Cyberarms.IntrusionDetection.Api.xml
new file mode 100644
index 0000000..b345d21
--- /dev/null
+++ b/Cyberarms.Agents.FileMaker/bin/Release/Cyberarms.IntrusionDetection.Api.xml
@@ -0,0 +1,460 @@
+<?xml version="1.0"?>
+<doc>
+    <assembly>
+        <name>Cyberarms.IntrusionDetection.Api</name>
+    </assembly>
+    <members>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase">
+            <summary>
+            This class can be used as base class for custom configuration.
+            Using this base class,Intrusion Detectionautomatically loads and saves configuration values needed by your plugin.
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration">
+            <summary>
+            This interface provídes any property needed forIntrusion Detectionto load and save configuration values for your agent plugin.
+            It is used byIntrusion Detectioninternally, as agent developer, you don't have to care about this interface
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.GetConfigurationType">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.GetConfigurationType">
+            <summary>
+            Returns the type of custom configuration
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings. This must be marked with the System.Xml.Serialization.XmlIgnore() attribute,
+            and the property must ensure to return the right configuration for the plugin.
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.PluginConfigurationXml">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.FileName">
+            <summary>
+            The filename of an agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin">
+            <summary>
+            Base class for agents
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin">
+            <summary>
+            Interface for agents, must be implemented to create aIntrusion Detectionagent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.#ctor">
+            <summary>
+            Initialize the agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnAttackDetected(System.Object,Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+            <summary>
+            Is used to invoke all event listener delegates
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Notification arguments</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStartAgent">
+            <summary>
+            Override this method to do anything required to start your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnPauseAgent">
+            <summary>
+            Override this method to do anything required to pause your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStopAgent">
+            <summary>
+            Override this method to stop your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnContinueAgent">
+            <summary>
+            Override this method to continue your agent from the paused state
+            </summary>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>                
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener">
+            <summary>
+            NotificationReceiver
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener.NotificationReceiver(Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+             <summary>
+            Intrusion Detectioncalls the NotificationReceiver to forward notification event data 
+             </summary>
+             <param name="args"></param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.Names">
+            <summary>
+            Internal class needed for naming
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.Names.pluginTypeNames">
+            <summary>
+            Returns display names 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute">
+            <summary>
+            Custom attribute for plugins to specify displayname and description. 
+            TheIntrusion Detectionadministration software displays the values defined as class attribute
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+            <param name="version">Version number of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.DisplayName">
+            <summary>
+            Display name of your agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Description">
+            <summary>
+            Add a short description about what your agent does
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Version">
+            <summary>
+            Version number of your agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes">
+            <summary>
+            Plugin types
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.Agent">
+            <summary>
+            Type is agent
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.NotificationListener">
+            <summary>
+            Type is Listener
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler">
+            <summary>
+            Event handler for sending intrusion attempts to theIntrusion DetectionService
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Intrusion notification details</param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs">
+            <summary>
+            Notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs">
+            <summary>
+            Base class for notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration">
+            <summary>
+            Base class for plugin configuration settings
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration)">
+            <summary>
+            Clone from another PluginConfiguration of the same type
+            </summary>
+            <param name="source"></param>
+        </member>
+    </members>
+</doc>
diff --git a/Cyberarms.Agents.FileMaker/bin/Release/mscorlib.dll b/Cyberarms.Agents.FileMaker/bin/Release/mscorlib.dll
new file mode 100644
index 0000000..2e8c900
Binary files /dev/null and b/Cyberarms.Agents.FileMaker/bin/Release/mscorlib.dll differ
diff --git a/Cyberarms.Agents.FileMaker/bin/Release/normidna.nlp b/Cyberarms.Agents.FileMaker/bin/Release/normidna.nlp
new file mode 100644
index 0000000..5a69df1
Binary files /dev/null and b/Cyberarms.Agents.FileMaker/bin/Release/normidna.nlp differ
diff --git a/Cyberarms.Agents.FileMaker/bin/Release/normnfc.nlp b/Cyberarms.Agents.FileMaker/bin/Release/normnfc.nlp
new file mode 100644
index 0000000..f198144
Binary files /dev/null and b/Cyberarms.Agents.FileMaker/bin/Release/normnfc.nlp differ
diff --git a/Cyberarms.Agents.FileMaker/bin/Release/normnfd.nlp b/Cyberarms.Agents.FileMaker/bin/Release/normnfd.nlp
new file mode 100644
index 0000000..16e88e1
Binary files /dev/null and b/Cyberarms.Agents.FileMaker/bin/Release/normnfd.nlp differ
diff --git a/Cyberarms.Agents.FileMaker/bin/Release/normnfkc.nlp b/Cyberarms.Agents.FileMaker/bin/Release/normnfkc.nlp
new file mode 100644
index 0000000..55406db
Binary files /dev/null and b/Cyberarms.Agents.FileMaker/bin/Release/normnfkc.nlp differ
diff --git a/Cyberarms.Agents.FileMaker/bin/Release/normnfkd.nlp b/Cyberarms.Agents.FileMaker/bin/Release/normnfkd.nlp
new file mode 100644
index 0000000..b7386c4
Binary files /dev/null and b/Cyberarms.Agents.FileMaker/bin/Release/normnfkd.nlp differ
diff --git a/Cyberarms.Agents.FileMaker/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.Agents.FileMaker/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.Agents.FileMaker/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.Agents.FileMaker/obj/Release/Cyberarms.Agents.FileMaker.FileMakerResource.resources b/Cyberarms.Agents.FileMaker/obj/Release/Cyberarms.Agents.FileMaker.FileMakerResource.resources
new file mode 100644
index 0000000..104a622
Binary files /dev/null and b/Cyberarms.Agents.FileMaker/obj/Release/Cyberarms.Agents.FileMaker.FileMakerResource.resources differ
diff --git a/Cyberarms.Agents.FileMaker/obj/Release/Cyberarms.Agents.FileMaker.csproj.FileListAbsolute.txt b/Cyberarms.Agents.FileMaker/obj/Release/Cyberarms.Agents.FileMaker.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..324b4e5
--- /dev/null
+++ b/Cyberarms.Agents.FileMaker/obj/Release/Cyberarms.Agents.FileMaker.csproj.FileListAbsolute.txt
@@ -0,0 +1,15 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FileMaker\bin\Release\Cyberarms.Agents.FileMaker.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FileMaker\bin\Release\Cyberarms.Agents.FileMaker.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FileMaker\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FileMaker\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FileMaker\bin\Release\Cyberarms.IntrusionDetection.Api.xml
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FileMaker\obj\Release\Cyberarms.Agents.FileMaker.FileMakerResource.resources
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FileMaker\obj\Release\Cyberarms.Agents.FileMaker.csproj.GenerateResource.Cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FileMaker\obj\Release\Cyberarms.Agents.FileMaker.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FileMaker\obj\Release\Cyberarms.Agents.FileMaker.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FileMaker\bin\Release\mscorlib.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FileMaker\bin\Release\normidna.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FileMaker\bin\Release\normnfc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FileMaker\bin\Release\normnfd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FileMaker\bin\Release\normnfkc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FileMaker\bin\Release\normnfkd.nlp
diff --git a/Cyberarms.Agents.FileMaker/obj/Release/Cyberarms.Agents.FileMaker.csproj.GenerateResource.Cache b/Cyberarms.Agents.FileMaker/obj/Release/Cyberarms.Agents.FileMaker.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..2c37c84
Binary files /dev/null and b/Cyberarms.Agents.FileMaker/obj/Release/Cyberarms.Agents.FileMaker.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.Agents.FileMaker/obj/Release/Cyberarms.Agents.FileMaker.dll b/Cyberarms.Agents.FileMaker/obj/Release/Cyberarms.Agents.FileMaker.dll
new file mode 100644
index 0000000..9e26b44
Binary files /dev/null and b/Cyberarms.Agents.FileMaker/obj/Release/Cyberarms.Agents.FileMaker.dll differ
diff --git a/Cyberarms.Agents.FileMaker/obj/Release/Cyberarms.Agents.FileMaker.pdb b/Cyberarms.Agents.FileMaker/obj/Release/Cyberarms.Agents.FileMaker.pdb
new file mode 100644
index 0000000..1779249
Binary files /dev/null and b/Cyberarms.Agents.FileMaker/obj/Release/Cyberarms.Agents.FileMaker.pdb differ
diff --git a/Cyberarms.Agents.FtpServer/Cyberarms.Agents.FtpServer.csproj b/Cyberarms.Agents.FtpServer/Cyberarms.Agents.FtpServer.csproj
index 2a4cfac..5e7ebf4 100644
--- a/Cyberarms.Agents.FtpServer/Cyberarms.Agents.FtpServer.csproj
+++ b/Cyberarms.Agents.FtpServer/Cyberarms.Agents.FtpServer.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.Agents.FtpServer</RootNamespace>
     <AssemblyName>Cyberarms.Agents.FtpServer</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
     <SccLocalPath>SAK</SccLocalPath>
@@ -131,4 +131,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.Agents.FtpServer/bin/Release/Cyberarms.Agents.FtpServer.dll b/Cyberarms.Agents.FtpServer/bin/Release/Cyberarms.Agents.FtpServer.dll
new file mode 100644
index 0000000..1cef603
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/bin/Release/Cyberarms.Agents.FtpServer.dll differ
diff --git a/Cyberarms.Agents.FtpServer/bin/Release/Cyberarms.Agents.FtpServer.pdb b/Cyberarms.Agents.FtpServer/bin/Release/Cyberarms.Agents.FtpServer.pdb
new file mode 100644
index 0000000..27c5bac
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/bin/Release/Cyberarms.Agents.FtpServer.pdb differ
diff --git a/Cyberarms.Agents.FtpServer/bin/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.Agents.FtpServer/bin/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..1647cea
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/bin/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.Agents.FtpServer/bin/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.Agents.FtpServer/bin/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..0b7344f
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/bin/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.Agents.FtpServer/bin/Release/Cyberarms.IntrusionDetection.Api.xml b/Cyberarms.Agents.FtpServer/bin/Release/Cyberarms.IntrusionDetection.Api.xml
new file mode 100644
index 0000000..b345d21
--- /dev/null
+++ b/Cyberarms.Agents.FtpServer/bin/Release/Cyberarms.IntrusionDetection.Api.xml
@@ -0,0 +1,460 @@
+<?xml version="1.0"?>
+<doc>
+    <assembly>
+        <name>Cyberarms.IntrusionDetection.Api</name>
+    </assembly>
+    <members>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase">
+            <summary>
+            This class can be used as base class for custom configuration.
+            Using this base class,Intrusion Detectionautomatically loads and saves configuration values needed by your plugin.
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration">
+            <summary>
+            This interface provídes any property needed forIntrusion Detectionto load and save configuration values for your agent plugin.
+            It is used byIntrusion Detectioninternally, as agent developer, you don't have to care about this interface
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.GetConfigurationType">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.GetConfigurationType">
+            <summary>
+            Returns the type of custom configuration
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings. This must be marked with the System.Xml.Serialization.XmlIgnore() attribute,
+            and the property must ensure to return the right configuration for the plugin.
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.PluginConfigurationXml">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.FileName">
+            <summary>
+            The filename of an agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin">
+            <summary>
+            Base class for agents
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin">
+            <summary>
+            Interface for agents, must be implemented to create aIntrusion Detectionagent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.#ctor">
+            <summary>
+            Initialize the agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnAttackDetected(System.Object,Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+            <summary>
+            Is used to invoke all event listener delegates
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Notification arguments</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStartAgent">
+            <summary>
+            Override this method to do anything required to start your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnPauseAgent">
+            <summary>
+            Override this method to do anything required to pause your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStopAgent">
+            <summary>
+            Override this method to stop your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnContinueAgent">
+            <summary>
+            Override this method to continue your agent from the paused state
+            </summary>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>                
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener">
+            <summary>
+            NotificationReceiver
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener.NotificationReceiver(Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+             <summary>
+            Intrusion Detectioncalls the NotificationReceiver to forward notification event data 
+             </summary>
+             <param name="args"></param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.Names">
+            <summary>
+            Internal class needed for naming
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.Names.pluginTypeNames">
+            <summary>
+            Returns display names 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute">
+            <summary>
+            Custom attribute for plugins to specify displayname and description. 
+            TheIntrusion Detectionadministration software displays the values defined as class attribute
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+            <param name="version">Version number of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.DisplayName">
+            <summary>
+            Display name of your agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Description">
+            <summary>
+            Add a short description about what your agent does
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Version">
+            <summary>
+            Version number of your agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes">
+            <summary>
+            Plugin types
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.Agent">
+            <summary>
+            Type is agent
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.NotificationListener">
+            <summary>
+            Type is Listener
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler">
+            <summary>
+            Event handler for sending intrusion attempts to theIntrusion DetectionService
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Intrusion notification details</param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs">
+            <summary>
+            Notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs">
+            <summary>
+            Base class for notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration">
+            <summary>
+            Base class for plugin configuration settings
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration)">
+            <summary>
+            Clone from another PluginConfiguration of the same type
+            </summary>
+            <param name="source"></param>
+        </member>
+    </members>
+</doc>
diff --git a/Cyberarms.Agents.FtpServer/bin/Release/mscorlib.dll b/Cyberarms.Agents.FtpServer/bin/Release/mscorlib.dll
new file mode 100644
index 0000000..2e8c900
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/bin/Release/mscorlib.dll differ
diff --git a/Cyberarms.Agents.FtpServer/bin/Release/normidna.nlp b/Cyberarms.Agents.FtpServer/bin/Release/normidna.nlp
new file mode 100644
index 0000000..5a69df1
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/bin/Release/normidna.nlp differ
diff --git a/Cyberarms.Agents.FtpServer/bin/Release/normnfc.nlp b/Cyberarms.Agents.FtpServer/bin/Release/normnfc.nlp
new file mode 100644
index 0000000..f198144
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/bin/Release/normnfc.nlp differ
diff --git a/Cyberarms.Agents.FtpServer/bin/Release/normnfd.nlp b/Cyberarms.Agents.FtpServer/bin/Release/normnfd.nlp
new file mode 100644
index 0000000..16e88e1
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/bin/Release/normnfd.nlp differ
diff --git a/Cyberarms.Agents.FtpServer/bin/Release/normnfkc.nlp b/Cyberarms.Agents.FtpServer/bin/Release/normnfkc.nlp
new file mode 100644
index 0000000..55406db
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/bin/Release/normnfkc.nlp differ
diff --git a/Cyberarms.Agents.FtpServer/bin/Release/normnfkd.nlp b/Cyberarms.Agents.FtpServer/bin/Release/normnfkd.nlp
new file mode 100644
index 0000000..b7386c4
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/bin/Release/normnfkd.nlp differ
diff --git a/Cyberarms.Agents.FtpServer/bin/x86/Release/Cyberarms.Agents.FtpServer.dll b/Cyberarms.Agents.FtpServer/bin/x86/Release/Cyberarms.Agents.FtpServer.dll
new file mode 100644
index 0000000..88cc51c
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/bin/x86/Release/Cyberarms.Agents.FtpServer.dll differ
diff --git a/Cyberarms.Agents.FtpServer/bin/x86/Release/Cyberarms.Agents.FtpServer.pdb b/Cyberarms.Agents.FtpServer/bin/x86/Release/Cyberarms.Agents.FtpServer.pdb
new file mode 100644
index 0000000..20c9e04
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/bin/x86/Release/Cyberarms.Agents.FtpServer.pdb differ
diff --git a/Cyberarms.Agents.FtpServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.Agents.FtpServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..7103f56
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.Agents.FtpServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.Agents.FtpServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..1067196
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.Agents.FtpServer/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.Agents.FtpServer/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.Agents.FtpServer/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.Agents.FtpServer/obj/Release/Cyberarms.Agents.FtpServer.Resource.resources b/Cyberarms.Agents.FtpServer/obj/Release/Cyberarms.Agents.FtpServer.Resource.resources
new file mode 100644
index 0000000..b952f3c
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/obj/Release/Cyberarms.Agents.FtpServer.Resource.resources differ
diff --git a/Cyberarms.Agents.FtpServer/obj/Release/Cyberarms.Agents.FtpServer.csproj.FileListAbsolute.txt b/Cyberarms.Agents.FtpServer/obj/Release/Cyberarms.Agents.FtpServer.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..8e7556e
--- /dev/null
+++ b/Cyberarms.Agents.FtpServer/obj/Release/Cyberarms.Agents.FtpServer.csproj.FileListAbsolute.txt
@@ -0,0 +1,15 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\bin\Release\Cyberarms.Agents.FtpServer.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\bin\Release\Cyberarms.Agents.FtpServer.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\bin\Release\Cyberarms.IntrusionDetection.Api.xml
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\obj\Release\Cyberarms.Agents.FtpServer.Resource.resources
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\obj\Release\Cyberarms.Agents.FtpServer.csproj.GenerateResource.Cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\obj\Release\Cyberarms.Agents.FtpServer.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\obj\Release\Cyberarms.Agents.FtpServer.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\bin\Release\mscorlib.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\bin\Release\normidna.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\bin\Release\normnfc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\bin\Release\normnfd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\bin\Release\normnfkc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\bin\Release\normnfkd.nlp
diff --git a/Cyberarms.Agents.FtpServer/obj/Release/Cyberarms.Agents.FtpServer.csproj.GenerateResource.Cache b/Cyberarms.Agents.FtpServer/obj/Release/Cyberarms.Agents.FtpServer.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..f061ec1
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/obj/Release/Cyberarms.Agents.FtpServer.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.Agents.FtpServer/obj/Release/Cyberarms.Agents.FtpServer.dll b/Cyberarms.Agents.FtpServer/obj/Release/Cyberarms.Agents.FtpServer.dll
new file mode 100644
index 0000000..1cef603
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/obj/Release/Cyberarms.Agents.FtpServer.dll differ
diff --git a/Cyberarms.Agents.FtpServer/obj/Release/Cyberarms.Agents.FtpServer.pdb b/Cyberarms.Agents.FtpServer/obj/Release/Cyberarms.Agents.FtpServer.pdb
new file mode 100644
index 0000000..27c5bac
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/obj/Release/Cyberarms.Agents.FtpServer.pdb differ
diff --git a/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.Resource.resources b/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.Resource.resources
new file mode 100644
index 0000000..b952f3c
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.Resource.resources differ
diff --git a/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.csproj.FileListAbsolute.txt b/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..d1d891b
--- /dev/null
+++ b/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.csproj.FileListAbsolute.txt
@@ -0,0 +1,9 @@
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\bin\x86\Release\Cyberarms.Agents.FtpServer.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\bin\x86\Release\Cyberarms.Agents.FtpServer.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\bin\x86\Release\Cyberarms.IntrusionDetection.Api.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\bin\x86\Release\Cyberarms.IntrusionDetection.Api.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\obj\x86\Release\Cyberarms.Agents.FtpServer.csprojResolveAssemblyReference.cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\obj\x86\Release\Cyberarms.Agents.FtpServer.Resource.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\obj\x86\Release\Cyberarms.Agents.FtpServer.csproj.GenerateResource.Cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\obj\x86\Release\Cyberarms.Agents.FtpServer.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.FtpServer\obj\x86\Release\Cyberarms.Agents.FtpServer.pdb
diff --git a/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.csproj.GenerateResource.Cache b/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..f061ec1
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.csprojResolveAssemblyReference.cache b/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..1ec41d8
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.dll b/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.dll
new file mode 100644
index 0000000..88cc51c
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.dll differ
diff --git a/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.pdb b/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.pdb
new file mode 100644
index 0000000..20c9e04
Binary files /dev/null and b/Cyberarms.Agents.FtpServer/obj/x86/Release/Cyberarms.Agents.FtpServer.pdb differ
diff --git a/Cyberarms.Agents.MailServer.Test/Cyberarms.Agents.MailServer.Test.csproj b/Cyberarms.Agents.MailServer.Test/Cyberarms.Agents.MailServer.Test.csproj
index f1f5121..6badd93 100644
--- a/Cyberarms.Agents.MailServer.Test/Cyberarms.Agents.MailServer.Test.csproj
+++ b/Cyberarms.Agents.MailServer.Test/Cyberarms.Agents.MailServer.Test.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -11,7 +11,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.Agents.MailServer.Test</RootNamespace>
     <AssemblyName>Cyberarms.Agents.MailServer.Test</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <ProjectTypeGuids>{3AC096D0-A1C2-E12C-1390-A8335801FDAB};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}</ProjectTypeGuids>
     <SccProjectName>SAK</SccProjectName>
@@ -110,4 +110,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.Agents.MailServer.Test/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.Agents.MailServer.Test/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.Agents.MailServer.Test/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.Agents.MailServer.Test/obj/Release/Cyberarms.Agents.MailServer.Test.csproj.FileListAbsolute.txt b/Cyberarms.Agents.MailServer.Test/obj/Release/Cyberarms.Agents.MailServer.Test.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..bd88cdb
--- /dev/null
+++ b/Cyberarms.Agents.MailServer.Test/obj/Release/Cyberarms.Agents.MailServer.Test.csproj.FileListAbsolute.txt
@@ -0,0 +1,3 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MailServer.Test\obj\Release\Cyberarms.Agents.MailServer.Test.csproj.AssemblyReference.cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MailServer.Test\obj\Release\Cyberarms.Agents.MailServer.Test.csproj.CoreCompileInputs.cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MailServer.Test\obj\Release\Cyberarms.Agents.MailServer.Test.csprojResolveAssemblyReference.cache
diff --git a/Cyberarms.Agents.MailServer/Cyberarms.Agents.MailServer.csproj b/Cyberarms.Agents.MailServer/Cyberarms.Agents.MailServer.csproj
index 91faa87..480d553 100644
--- a/Cyberarms.Agents.MailServer/Cyberarms.Agents.MailServer.csproj
+++ b/Cyberarms.Agents.MailServer/Cyberarms.Agents.MailServer.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.Agents.MailServer</RootNamespace>
     <AssemblyName>Cyberarms.Agents.MailServer</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
     <SccLocalPath>SAK</SccLocalPath>
@@ -113,4 +113,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.Agents.MailServer/bin/x86/Release/Cyberarms.Agents.MailServer.dll b/Cyberarms.Agents.MailServer/bin/x86/Release/Cyberarms.Agents.MailServer.dll
new file mode 100644
index 0000000..b9a5aaa
Binary files /dev/null and b/Cyberarms.Agents.MailServer/bin/x86/Release/Cyberarms.Agents.MailServer.dll differ
diff --git a/Cyberarms.Agents.MailServer/bin/x86/Release/Cyberarms.Agents.MailServer.pdb b/Cyberarms.Agents.MailServer/bin/x86/Release/Cyberarms.Agents.MailServer.pdb
new file mode 100644
index 0000000..8cfb871
Binary files /dev/null and b/Cyberarms.Agents.MailServer/bin/x86/Release/Cyberarms.Agents.MailServer.pdb differ
diff --git a/Cyberarms.Agents.MailServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.Agents.MailServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..bf82d12
Binary files /dev/null and b/Cyberarms.Agents.MailServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.Agents.MailServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.Agents.MailServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..852aa33
Binary files /dev/null and b/Cyberarms.Agents.MailServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.Agents.MailServer/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.Agents.MailServer/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.Agents.MailServer/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.Agents.MailServer/obj/x86/Release/Cyberarms.Agents.MailServer.csproj.FileListAbsolute.txt b/Cyberarms.Agents.MailServer/obj/x86/Release/Cyberarms.Agents.MailServer.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..6bda0ef
--- /dev/null
+++ b/Cyberarms.Agents.MailServer/obj/x86/Release/Cyberarms.Agents.MailServer.csproj.FileListAbsolute.txt
@@ -0,0 +1,7 @@
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MailServer\bin\x86\Release\Cyberarms.Agents.MailServer.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MailServer\bin\x86\Release\Cyberarms.Agents.MailServer.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MailServer\bin\x86\Release\Cyberarms.IntrusionDetection.Api.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MailServer\bin\x86\Release\Cyberarms.IntrusionDetection.Api.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MailServer\obj\x86\Release\Cyberarms.Agents.MailServer.csprojResolveAssemblyReference.cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MailServer\obj\x86\Release\Cyberarms.Agents.MailServer.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MailServer\obj\x86\Release\Cyberarms.Agents.MailServer.pdb
diff --git a/Cyberarms.Agents.MailServer/obj/x86/Release/Cyberarms.Agents.MailServer.csprojResolveAssemblyReference.cache b/Cyberarms.Agents.MailServer/obj/x86/Release/Cyberarms.Agents.MailServer.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..9b6fed9
Binary files /dev/null and b/Cyberarms.Agents.MailServer/obj/x86/Release/Cyberarms.Agents.MailServer.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.Agents.MailServer/obj/x86/Release/Cyberarms.Agents.MailServer.dll b/Cyberarms.Agents.MailServer/obj/x86/Release/Cyberarms.Agents.MailServer.dll
new file mode 100644
index 0000000..b9a5aaa
Binary files /dev/null and b/Cyberarms.Agents.MailServer/obj/x86/Release/Cyberarms.Agents.MailServer.dll differ
diff --git a/Cyberarms.Agents.MailServer/obj/x86/Release/Cyberarms.Agents.MailServer.pdb b/Cyberarms.Agents.MailServer/obj/x86/Release/Cyberarms.Agents.MailServer.pdb
new file mode 100644
index 0000000..8cfb871
Binary files /dev/null and b/Cyberarms.Agents.MailServer/obj/x86/Release/Cyberarms.Agents.MailServer.pdb differ
diff --git a/Cyberarms.Agents.MySql/Cyberarms.Agents.MySql.csproj b/Cyberarms.Agents.MySql/Cyberarms.Agents.MySql.csproj
index e2ca24b..53360eb 100644
--- a/Cyberarms.Agents.MySql/Cyberarms.Agents.MySql.csproj
+++ b/Cyberarms.Agents.MySql/Cyberarms.Agents.MySql.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.Agents.MySql</RootNamespace>
     <AssemblyName>Cyberarms.Agents.MySql</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
     <SccLocalPath>SAK</SccLocalPath>
@@ -79,4 +79,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.Agents.MySql/bin/Release/Cyberarms.Agents.MySql.dll b/Cyberarms.Agents.MySql/bin/Release/Cyberarms.Agents.MySql.dll
new file mode 100644
index 0000000..322c302
Binary files /dev/null and b/Cyberarms.Agents.MySql/bin/Release/Cyberarms.Agents.MySql.dll differ
diff --git a/Cyberarms.Agents.MySql/bin/Release/Cyberarms.Agents.MySql.pdb b/Cyberarms.Agents.MySql/bin/Release/Cyberarms.Agents.MySql.pdb
new file mode 100644
index 0000000..2245185
Binary files /dev/null and b/Cyberarms.Agents.MySql/bin/Release/Cyberarms.Agents.MySql.pdb differ
diff --git a/Cyberarms.Agents.MySql/bin/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.Agents.MySql/bin/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..1647cea
Binary files /dev/null and b/Cyberarms.Agents.MySql/bin/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.Agents.MySql/bin/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.Agents.MySql/bin/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..0b7344f
Binary files /dev/null and b/Cyberarms.Agents.MySql/bin/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.Agents.MySql/bin/Release/Cyberarms.IntrusionDetection.Api.xml b/Cyberarms.Agents.MySql/bin/Release/Cyberarms.IntrusionDetection.Api.xml
new file mode 100644
index 0000000..b345d21
--- /dev/null
+++ b/Cyberarms.Agents.MySql/bin/Release/Cyberarms.IntrusionDetection.Api.xml
@@ -0,0 +1,460 @@
+<?xml version="1.0"?>
+<doc>
+    <assembly>
+        <name>Cyberarms.IntrusionDetection.Api</name>
+    </assembly>
+    <members>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase">
+            <summary>
+            This class can be used as base class for custom configuration.
+            Using this base class,Intrusion Detectionautomatically loads and saves configuration values needed by your plugin.
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration">
+            <summary>
+            This interface provídes any property needed forIntrusion Detectionto load and save configuration values for your agent plugin.
+            It is used byIntrusion Detectioninternally, as agent developer, you don't have to care about this interface
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.GetConfigurationType">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.GetConfigurationType">
+            <summary>
+            Returns the type of custom configuration
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings. This must be marked with the System.Xml.Serialization.XmlIgnore() attribute,
+            and the property must ensure to return the right configuration for the plugin.
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.PluginConfigurationXml">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.FileName">
+            <summary>
+            The filename of an agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin">
+            <summary>
+            Base class for agents
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin">
+            <summary>
+            Interface for agents, must be implemented to create aIntrusion Detectionagent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.#ctor">
+            <summary>
+            Initialize the agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnAttackDetected(System.Object,Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+            <summary>
+            Is used to invoke all event listener delegates
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Notification arguments</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStartAgent">
+            <summary>
+            Override this method to do anything required to start your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnPauseAgent">
+            <summary>
+            Override this method to do anything required to pause your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStopAgent">
+            <summary>
+            Override this method to stop your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnContinueAgent">
+            <summary>
+            Override this method to continue your agent from the paused state
+            </summary>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>                
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener">
+            <summary>
+            NotificationReceiver
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener.NotificationReceiver(Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+             <summary>
+            Intrusion Detectioncalls the NotificationReceiver to forward notification event data 
+             </summary>
+             <param name="args"></param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.Names">
+            <summary>
+            Internal class needed for naming
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.Names.pluginTypeNames">
+            <summary>
+            Returns display names 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute">
+            <summary>
+            Custom attribute for plugins to specify displayname and description. 
+            TheIntrusion Detectionadministration software displays the values defined as class attribute
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+            <param name="version">Version number of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.DisplayName">
+            <summary>
+            Display name of your agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Description">
+            <summary>
+            Add a short description about what your agent does
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Version">
+            <summary>
+            Version number of your agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes">
+            <summary>
+            Plugin types
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.Agent">
+            <summary>
+            Type is agent
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.NotificationListener">
+            <summary>
+            Type is Listener
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler">
+            <summary>
+            Event handler for sending intrusion attempts to theIntrusion DetectionService
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Intrusion notification details</param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs">
+            <summary>
+            Notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs">
+            <summary>
+            Base class for notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration">
+            <summary>
+            Base class for plugin configuration settings
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration)">
+            <summary>
+            Clone from another PluginConfiguration of the same type
+            </summary>
+            <param name="source"></param>
+        </member>
+    </members>
+</doc>
diff --git a/Cyberarms.Agents.MySql/bin/Release/mscorlib.dll b/Cyberarms.Agents.MySql/bin/Release/mscorlib.dll
new file mode 100644
index 0000000..2e8c900
Binary files /dev/null and b/Cyberarms.Agents.MySql/bin/Release/mscorlib.dll differ
diff --git a/Cyberarms.Agents.MySql/bin/Release/normidna.nlp b/Cyberarms.Agents.MySql/bin/Release/normidna.nlp
new file mode 100644
index 0000000..5a69df1
Binary files /dev/null and b/Cyberarms.Agents.MySql/bin/Release/normidna.nlp differ
diff --git a/Cyberarms.Agents.MySql/bin/Release/normnfc.nlp b/Cyberarms.Agents.MySql/bin/Release/normnfc.nlp
new file mode 100644
index 0000000..f198144
Binary files /dev/null and b/Cyberarms.Agents.MySql/bin/Release/normnfc.nlp differ
diff --git a/Cyberarms.Agents.MySql/bin/Release/normnfd.nlp b/Cyberarms.Agents.MySql/bin/Release/normnfd.nlp
new file mode 100644
index 0000000..16e88e1
Binary files /dev/null and b/Cyberarms.Agents.MySql/bin/Release/normnfd.nlp differ
diff --git a/Cyberarms.Agents.MySql/bin/Release/normnfkc.nlp b/Cyberarms.Agents.MySql/bin/Release/normnfkc.nlp
new file mode 100644
index 0000000..55406db
Binary files /dev/null and b/Cyberarms.Agents.MySql/bin/Release/normnfkc.nlp differ
diff --git a/Cyberarms.Agents.MySql/bin/Release/normnfkd.nlp b/Cyberarms.Agents.MySql/bin/Release/normnfkd.nlp
new file mode 100644
index 0000000..b7386c4
Binary files /dev/null and b/Cyberarms.Agents.MySql/bin/Release/normnfkd.nlp differ
diff --git a/Cyberarms.Agents.MySql/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.Agents.MySql/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.Agents.MySql/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.Agents.MySql/obj/Release/Cyberarms.Agents.MySql.Resource.resources b/Cyberarms.Agents.MySql/obj/Release/Cyberarms.Agents.MySql.Resource.resources
new file mode 100644
index 0000000..d12e415
Binary files /dev/null and b/Cyberarms.Agents.MySql/obj/Release/Cyberarms.Agents.MySql.Resource.resources differ
diff --git a/Cyberarms.Agents.MySql/obj/Release/Cyberarms.Agents.MySql.csproj.FileListAbsolute.txt b/Cyberarms.Agents.MySql/obj/Release/Cyberarms.Agents.MySql.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..f8ae9df
--- /dev/null
+++ b/Cyberarms.Agents.MySql/obj/Release/Cyberarms.Agents.MySql.csproj.FileListAbsolute.txt
@@ -0,0 +1,15 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MySql\bin\Release\Cyberarms.Agents.MySql.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MySql\bin\Release\Cyberarms.Agents.MySql.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MySql\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MySql\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MySql\bin\Release\Cyberarms.IntrusionDetection.Api.xml
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MySql\obj\Release\Cyberarms.Agents.MySql.Resource.resources
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MySql\obj\Release\Cyberarms.Agents.MySql.csproj.GenerateResource.Cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MySql\obj\Release\Cyberarms.Agents.MySql.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MySql\obj\Release\Cyberarms.Agents.MySql.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MySql\bin\Release\mscorlib.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MySql\bin\Release\normidna.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MySql\bin\Release\normnfc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MySql\bin\Release\normnfd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MySql\bin\Release\normnfkc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.MySql\bin\Release\normnfkd.nlp
diff --git a/Cyberarms.Agents.MySql/obj/Release/Cyberarms.Agents.MySql.csproj.GenerateResource.Cache b/Cyberarms.Agents.MySql/obj/Release/Cyberarms.Agents.MySql.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..4567086
Binary files /dev/null and b/Cyberarms.Agents.MySql/obj/Release/Cyberarms.Agents.MySql.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.Agents.MySql/obj/Release/Cyberarms.Agents.MySql.dll b/Cyberarms.Agents.MySql/obj/Release/Cyberarms.Agents.MySql.dll
new file mode 100644
index 0000000..322c302
Binary files /dev/null and b/Cyberarms.Agents.MySql/obj/Release/Cyberarms.Agents.MySql.dll differ
diff --git a/Cyberarms.Agents.MySql/obj/Release/Cyberarms.Agents.MySql.pdb b/Cyberarms.Agents.MySql/obj/Release/Cyberarms.Agents.MySql.pdb
new file mode 100644
index 0000000..2245185
Binary files /dev/null and b/Cyberarms.Agents.MySql/obj/Release/Cyberarms.Agents.MySql.pdb differ
diff --git a/Cyberarms.Agents.Smtp/Cyberarms.Agents.Smtp.csproj b/Cyberarms.Agents.Smtp/Cyberarms.Agents.Smtp.csproj
index a82b20f..162587f 100644
--- a/Cyberarms.Agents.Smtp/Cyberarms.Agents.Smtp.csproj
+++ b/Cyberarms.Agents.Smtp/Cyberarms.Agents.Smtp.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.Agents.Smtp</RootNamespace>
     <AssemblyName>Cyberarms.Agents.Smtp</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
     <SccLocalPath>SAK</SccLocalPath>
@@ -135,4 +135,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.Agents.Smtp/bin/Release/Cyberarms.Agents.Smtp.dll b/Cyberarms.Agents.Smtp/bin/Release/Cyberarms.Agents.Smtp.dll
new file mode 100644
index 0000000..963f328
Binary files /dev/null and b/Cyberarms.Agents.Smtp/bin/Release/Cyberarms.Agents.Smtp.dll differ
diff --git a/Cyberarms.Agents.Smtp/bin/Release/Cyberarms.Agents.Smtp.pdb b/Cyberarms.Agents.Smtp/bin/Release/Cyberarms.Agents.Smtp.pdb
new file mode 100644
index 0000000..2733627
Binary files /dev/null and b/Cyberarms.Agents.Smtp/bin/Release/Cyberarms.Agents.Smtp.pdb differ
diff --git a/Cyberarms.Agents.Smtp/bin/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.Agents.Smtp/bin/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..1647cea
Binary files /dev/null and b/Cyberarms.Agents.Smtp/bin/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.Agents.Smtp/bin/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.Agents.Smtp/bin/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..0b7344f
Binary files /dev/null and b/Cyberarms.Agents.Smtp/bin/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.Agents.Smtp/bin/Release/Cyberarms.IntrusionDetection.Api.xml b/Cyberarms.Agents.Smtp/bin/Release/Cyberarms.IntrusionDetection.Api.xml
new file mode 100644
index 0000000..b345d21
--- /dev/null
+++ b/Cyberarms.Agents.Smtp/bin/Release/Cyberarms.IntrusionDetection.Api.xml
@@ -0,0 +1,460 @@
+<?xml version="1.0"?>
+<doc>
+    <assembly>
+        <name>Cyberarms.IntrusionDetection.Api</name>
+    </assembly>
+    <members>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase">
+            <summary>
+            This class can be used as base class for custom configuration.
+            Using this base class,Intrusion Detectionautomatically loads and saves configuration values needed by your plugin.
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration">
+            <summary>
+            This interface provídes any property needed forIntrusion Detectionto load and save configuration values for your agent plugin.
+            It is used byIntrusion Detectioninternally, as agent developer, you don't have to care about this interface
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.GetConfigurationType">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.GetConfigurationType">
+            <summary>
+            Returns the type of custom configuration
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings. This must be marked with the System.Xml.Serialization.XmlIgnore() attribute,
+            and the property must ensure to return the right configuration for the plugin.
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.PluginConfigurationXml">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.FileName">
+            <summary>
+            The filename of an agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin">
+            <summary>
+            Base class for agents
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin">
+            <summary>
+            Interface for agents, must be implemented to create aIntrusion Detectionagent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.#ctor">
+            <summary>
+            Initialize the agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnAttackDetected(System.Object,Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+            <summary>
+            Is used to invoke all event listener delegates
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Notification arguments</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStartAgent">
+            <summary>
+            Override this method to do anything required to start your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnPauseAgent">
+            <summary>
+            Override this method to do anything required to pause your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStopAgent">
+            <summary>
+            Override this method to stop your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnContinueAgent">
+            <summary>
+            Override this method to continue your agent from the paused state
+            </summary>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>                
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener">
+            <summary>
+            NotificationReceiver
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener.NotificationReceiver(Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+             <summary>
+            Intrusion Detectioncalls the NotificationReceiver to forward notification event data 
+             </summary>
+             <param name="args"></param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.Names">
+            <summary>
+            Internal class needed for naming
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.Names.pluginTypeNames">
+            <summary>
+            Returns display names 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute">
+            <summary>
+            Custom attribute for plugins to specify displayname and description. 
+            TheIntrusion Detectionadministration software displays the values defined as class attribute
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+            <param name="version">Version number of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.DisplayName">
+            <summary>
+            Display name of your agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Description">
+            <summary>
+            Add a short description about what your agent does
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Version">
+            <summary>
+            Version number of your agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes">
+            <summary>
+            Plugin types
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.Agent">
+            <summary>
+            Type is agent
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.NotificationListener">
+            <summary>
+            Type is Listener
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler">
+            <summary>
+            Event handler for sending intrusion attempts to theIntrusion DetectionService
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Intrusion notification details</param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs">
+            <summary>
+            Notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs">
+            <summary>
+            Base class for notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration">
+            <summary>
+            Base class for plugin configuration settings
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration)">
+            <summary>
+            Clone from another PluginConfiguration of the same type
+            </summary>
+            <param name="source"></param>
+        </member>
+    </members>
+</doc>
diff --git a/Cyberarms.Agents.Smtp/bin/Release/mscorlib.dll b/Cyberarms.Agents.Smtp/bin/Release/mscorlib.dll
new file mode 100644
index 0000000..2e8c900
Binary files /dev/null and b/Cyberarms.Agents.Smtp/bin/Release/mscorlib.dll differ
diff --git a/Cyberarms.Agents.Smtp/bin/Release/normidna.nlp b/Cyberarms.Agents.Smtp/bin/Release/normidna.nlp
new file mode 100644
index 0000000..5a69df1
Binary files /dev/null and b/Cyberarms.Agents.Smtp/bin/Release/normidna.nlp differ
diff --git a/Cyberarms.Agents.Smtp/bin/Release/normnfc.nlp b/Cyberarms.Agents.Smtp/bin/Release/normnfc.nlp
new file mode 100644
index 0000000..f198144
Binary files /dev/null and b/Cyberarms.Agents.Smtp/bin/Release/normnfc.nlp differ
diff --git a/Cyberarms.Agents.Smtp/bin/Release/normnfd.nlp b/Cyberarms.Agents.Smtp/bin/Release/normnfd.nlp
new file mode 100644
index 0000000..16e88e1
Binary files /dev/null and b/Cyberarms.Agents.Smtp/bin/Release/normnfd.nlp differ
diff --git a/Cyberarms.Agents.Smtp/bin/Release/normnfkc.nlp b/Cyberarms.Agents.Smtp/bin/Release/normnfkc.nlp
new file mode 100644
index 0000000..55406db
Binary files /dev/null and b/Cyberarms.Agents.Smtp/bin/Release/normnfkc.nlp differ
diff --git a/Cyberarms.Agents.Smtp/bin/Release/normnfkd.nlp b/Cyberarms.Agents.Smtp/bin/Release/normnfkd.nlp
new file mode 100644
index 0000000..b7386c4
Binary files /dev/null and b/Cyberarms.Agents.Smtp/bin/Release/normnfkd.nlp differ
diff --git a/Cyberarms.Agents.Smtp/bin/x86/Release/Cyberarms.Agents.Smtp.dll b/Cyberarms.Agents.Smtp/bin/x86/Release/Cyberarms.Agents.Smtp.dll
new file mode 100644
index 0000000..645b1a3
Binary files /dev/null and b/Cyberarms.Agents.Smtp/bin/x86/Release/Cyberarms.Agents.Smtp.dll differ
diff --git a/Cyberarms.Agents.Smtp/bin/x86/Release/Cyberarms.Agents.Smtp.pdb b/Cyberarms.Agents.Smtp/bin/x86/Release/Cyberarms.Agents.Smtp.pdb
new file mode 100644
index 0000000..7378b93
Binary files /dev/null and b/Cyberarms.Agents.Smtp/bin/x86/Release/Cyberarms.Agents.Smtp.pdb differ
diff --git a/Cyberarms.Agents.Smtp/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.Agents.Smtp/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..9df7cc7
Binary files /dev/null and b/Cyberarms.Agents.Smtp/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.Agents.Smtp/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.Agents.Smtp/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..586ac8e
Binary files /dev/null and b/Cyberarms.Agents.Smtp/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.Agents.Smtp/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.Agents.Smtp/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.Agents.Smtp/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.Agents.Smtp/obj/Release/Cyberarms.Agents.Smtp.Resource.resources b/Cyberarms.Agents.Smtp/obj/Release/Cyberarms.Agents.Smtp.Resource.resources
new file mode 100644
index 0000000..7cbee86
Binary files /dev/null and b/Cyberarms.Agents.Smtp/obj/Release/Cyberarms.Agents.Smtp.Resource.resources differ
diff --git a/Cyberarms.Agents.Smtp/obj/Release/Cyberarms.Agents.Smtp.csproj.FileListAbsolute.txt b/Cyberarms.Agents.Smtp/obj/Release/Cyberarms.Agents.Smtp.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..9088ea5
--- /dev/null
+++ b/Cyberarms.Agents.Smtp/obj/Release/Cyberarms.Agents.Smtp.csproj.FileListAbsolute.txt
@@ -0,0 +1,15 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\bin\Release\Cyberarms.Agents.Smtp.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\bin\Release\Cyberarms.Agents.Smtp.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\bin\Release\Cyberarms.IntrusionDetection.Api.xml
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\obj\Release\Cyberarms.Agents.Smtp.Resource.resources
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\obj\Release\Cyberarms.Agents.Smtp.csproj.GenerateResource.Cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\obj\Release\Cyberarms.Agents.Smtp.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\obj\Release\Cyberarms.Agents.Smtp.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\bin\Release\mscorlib.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\bin\Release\normidna.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\bin\Release\normnfc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\bin\Release\normnfd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\bin\Release\normnfkc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\bin\Release\normnfkd.nlp
diff --git a/Cyberarms.Agents.Smtp/obj/Release/Cyberarms.Agents.Smtp.csproj.GenerateResource.Cache b/Cyberarms.Agents.Smtp/obj/Release/Cyberarms.Agents.Smtp.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..ee70f62
Binary files /dev/null and b/Cyberarms.Agents.Smtp/obj/Release/Cyberarms.Agents.Smtp.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.Agents.Smtp/obj/Release/Cyberarms.Agents.Smtp.dll b/Cyberarms.Agents.Smtp/obj/Release/Cyberarms.Agents.Smtp.dll
new file mode 100644
index 0000000..963f328
Binary files /dev/null and b/Cyberarms.Agents.Smtp/obj/Release/Cyberarms.Agents.Smtp.dll differ
diff --git a/Cyberarms.Agents.Smtp/obj/Release/Cyberarms.Agents.Smtp.pdb b/Cyberarms.Agents.Smtp/obj/Release/Cyberarms.Agents.Smtp.pdb
new file mode 100644
index 0000000..2733627
Binary files /dev/null and b/Cyberarms.Agents.Smtp/obj/Release/Cyberarms.Agents.Smtp.pdb differ
diff --git a/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.Resource.resources b/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.Resource.resources
new file mode 100644
index 0000000..7cbee86
Binary files /dev/null and b/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.Resource.resources differ
diff --git a/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.csproj.FileListAbsolute.txt b/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..46b1e9b
--- /dev/null
+++ b/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.csproj.FileListAbsolute.txt
@@ -0,0 +1,9 @@
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\bin\x86\Release\Cyberarms.Agents.Smtp.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\bin\x86\Release\Cyberarms.Agents.Smtp.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\bin\x86\Release\Cyberarms.IntrusionDetection.Api.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\bin\x86\Release\Cyberarms.IntrusionDetection.Api.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\obj\x86\Release\Cyberarms.Agents.Smtp.csprojResolveAssemblyReference.cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\obj\x86\Release\Cyberarms.Agents.Smtp.Resource.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\obj\x86\Release\Cyberarms.Agents.Smtp.csproj.GenerateResource.Cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\obj\x86\Release\Cyberarms.Agents.Smtp.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.Smtp\obj\x86\Release\Cyberarms.Agents.Smtp.pdb
diff --git a/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.csproj.GenerateResource.Cache b/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..ee70f62
Binary files /dev/null and b/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.csprojResolveAssemblyReference.cache b/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..ce3b245
Binary files /dev/null and b/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.dll b/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.dll
new file mode 100644
index 0000000..645b1a3
Binary files /dev/null and b/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.dll differ
diff --git a/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.pdb b/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.pdb
new file mode 100644
index 0000000..7378b93
Binary files /dev/null and b/Cyberarms.Agents.Smtp/obj/x86/Release/Cyberarms.Agents.Smtp.pdb differ
diff --git a/Cyberarms.Agents.SqlServer/Cyberarms.Agents.SqlServer.csproj b/Cyberarms.Agents.SqlServer/Cyberarms.Agents.SqlServer.csproj
index e5bc64e..e608127 100644
--- a/Cyberarms.Agents.SqlServer/Cyberarms.Agents.SqlServer.csproj
+++ b/Cyberarms.Agents.SqlServer/Cyberarms.Agents.SqlServer.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.Agents.SqlServer</RootNamespace>
     <AssemblyName>Cyberarms.Agents.SqlServer</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
     <SccLocalPath>SAK</SccLocalPath>
@@ -130,4 +130,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.Agents.SqlServer/bin/x86/Release/Cyberarms.Agents.SqlServer.dll b/Cyberarms.Agents.SqlServer/bin/x86/Release/Cyberarms.Agents.SqlServer.dll
new file mode 100644
index 0000000..9823f81
Binary files /dev/null and b/Cyberarms.Agents.SqlServer/bin/x86/Release/Cyberarms.Agents.SqlServer.dll differ
diff --git a/Cyberarms.Agents.SqlServer/bin/x86/Release/Cyberarms.Agents.SqlServer.pdb b/Cyberarms.Agents.SqlServer/bin/x86/Release/Cyberarms.Agents.SqlServer.pdb
new file mode 100644
index 0000000..efa0daf
Binary files /dev/null and b/Cyberarms.Agents.SqlServer/bin/x86/Release/Cyberarms.Agents.SqlServer.pdb differ
diff --git a/Cyberarms.Agents.SqlServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.Agents.SqlServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..f34494b
Binary files /dev/null and b/Cyberarms.Agents.SqlServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.Agents.SqlServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.Agents.SqlServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..e330b62
Binary files /dev/null and b/Cyberarms.Agents.SqlServer/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.Agents.SqlServer/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.Agents.SqlServer/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.Agents.SqlServer/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.Resource.resources b/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.Resource.resources
new file mode 100644
index 0000000..d12e415
Binary files /dev/null and b/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.Resource.resources differ
diff --git a/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.csproj.FileListAbsolute.txt b/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..273aa80
--- /dev/null
+++ b/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.csproj.FileListAbsolute.txt
@@ -0,0 +1,9 @@
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.SqlServer\bin\x86\Release\Cyberarms.Agents.SqlServer.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.SqlServer\bin\x86\Release\Cyberarms.Agents.SqlServer.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.SqlServer\bin\x86\Release\Cyberarms.IntrusionDetection.Api.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.SqlServer\bin\x86\Release\Cyberarms.IntrusionDetection.Api.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.SqlServer\obj\x86\Release\Cyberarms.Agents.SqlServer.csprojResolveAssemblyReference.cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.SqlServer\obj\x86\Release\Cyberarms.Agents.SqlServer.Resource.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.SqlServer\obj\x86\Release\Cyberarms.Agents.SqlServer.csproj.GenerateResource.Cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.SqlServer\obj\x86\Release\Cyberarms.Agents.SqlServer.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.SqlServer\obj\x86\Release\Cyberarms.Agents.SqlServer.pdb
diff --git a/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.csproj.GenerateResource.Cache b/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..4567086
Binary files /dev/null and b/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.csprojResolveAssemblyReference.cache b/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..616d874
Binary files /dev/null and b/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.dll b/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.dll
new file mode 100644
index 0000000..9823f81
Binary files /dev/null and b/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.dll differ
diff --git a/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.pdb b/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.pdb
new file mode 100644
index 0000000..efa0daf
Binary files /dev/null and b/Cyberarms.Agents.SqlServer/obj/x86/Release/Cyberarms.Agents.SqlServer.pdb differ
diff --git a/Cyberarms.Agents.TerminalServer/Cyberarms.Agents.TerminalServer.csproj b/Cyberarms.Agents.TerminalServer/Cyberarms.Agents.TerminalServer.csproj
index c026c9e..2fc65a6 100644
--- a/Cyberarms.Agents.TerminalServer/Cyberarms.Agents.TerminalServer.csproj
+++ b/Cyberarms.Agents.TerminalServer/Cyberarms.Agents.TerminalServer.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.Agents.TerminalServer</RootNamespace>
     <AssemblyName>Cyberarms.Agents.TerminalServer</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
     <SccLocalPath>SAK</SccLocalPath>
@@ -137,4 +137,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.Agents.TerminalServer/bin/x86/Release/Cyberarms.Agents.TerminalServer.dll b/Cyberarms.Agents.TerminalServer/bin/x86/Release/Cyberarms.Agents.TerminalServer.dll
new file mode 100644
index 0000000..b6f022c
Binary files /dev/null and b/Cyberarms.Agents.TerminalServer/bin/x86/Release/Cyberarms.Agents.TerminalServer.dll differ
diff --git a/Cyberarms.Agents.TerminalServer/bin/x86/Release/Cyberarms.Agents.TerminalServer.pdb b/Cyberarms.Agents.TerminalServer/bin/x86/Release/Cyberarms.Agents.TerminalServer.pdb
new file mode 100644
index 0000000..4dc2189
Binary files /dev/null and b/Cyberarms.Agents.TerminalServer/bin/x86/Release/Cyberarms.Agents.TerminalServer.pdb differ
diff --git a/Cyberarms.Agents.TerminalServer/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.Agents.TerminalServer/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.Agents.TerminalServer/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.Resource.resources b/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.Resource.resources
new file mode 100644
index 0000000..9a96141
Binary files /dev/null and b/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.Resource.resources differ
diff --git a/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.csproj.FileListAbsolute.txt b/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..0ea2db7
--- /dev/null
+++ b/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.csproj.FileListAbsolute.txt
@@ -0,0 +1,7 @@
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.TerminalServer\bin\x86\Release\Cyberarms.Agents.TerminalServer.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.TerminalServer\bin\x86\Release\Cyberarms.Agents.TerminalServer.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.TerminalServer\obj\x86\Release\Cyberarms.Agents.TerminalServer.csprojResolveAssemblyReference.cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.TerminalServer\obj\x86\Release\Cyberarms.Agents.TerminalServer.Resource.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.TerminalServer\obj\x86\Release\Cyberarms.Agents.TerminalServer.csproj.GenerateResource.Cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.TerminalServer\obj\x86\Release\Cyberarms.Agents.TerminalServer.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.Agents.TerminalServer\obj\x86\Release\Cyberarms.Agents.TerminalServer.pdb
diff --git a/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.csproj.GenerateResource.Cache b/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..2f80edc
Binary files /dev/null and b/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.csprojResolveAssemblyReference.cache b/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..6a3a315
Binary files /dev/null and b/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.dll b/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.dll
new file mode 100644
index 0000000..b6f022c
Binary files /dev/null and b/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.dll differ
diff --git a/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.pdb b/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.pdb
new file mode 100644
index 0000000..4dc2189
Binary files /dev/null and b/Cyberarms.Agents.TerminalServer/obj/x86/Release/Cyberarms.Agents.TerminalServer.pdb differ
diff --git a/Cyberarms.Agents.WebSecurity/Cyberarms.Agents.WebSecurity.csproj b/Cyberarms.Agents.WebSecurity/Cyberarms.Agents.WebSecurity.csproj
index 651836c..609098c 100644
--- a/Cyberarms.Agents.WebSecurity/Cyberarms.Agents.WebSecurity.csproj
+++ b/Cyberarms.Agents.WebSecurity/Cyberarms.Agents.WebSecurity.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.Agents.WebSecurity</RootNamespace>
     <AssemblyName>Cyberarms.Agents.WebSecurity</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
     <SccLocalPath>SAK</SccLocalPath>
@@ -90,4 +90,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.Agents.WebSecurity/bin/Release/Cyberarms.Agents.WebSecurity.dll b/Cyberarms.Agents.WebSecurity/bin/Release/Cyberarms.Agents.WebSecurity.dll
new file mode 100644
index 0000000..550c011
Binary files /dev/null and b/Cyberarms.Agents.WebSecurity/bin/Release/Cyberarms.Agents.WebSecurity.dll differ
diff --git a/Cyberarms.Agents.WebSecurity/bin/Release/Cyberarms.Agents.WebSecurity.pdb b/Cyberarms.Agents.WebSecurity/bin/Release/Cyberarms.Agents.WebSecurity.pdb
new file mode 100644
index 0000000..85ec181
Binary files /dev/null and b/Cyberarms.Agents.WebSecurity/bin/Release/Cyberarms.Agents.WebSecurity.pdb differ
diff --git a/Cyberarms.Agents.WebSecurity/bin/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.Agents.WebSecurity/bin/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..1647cea
Binary files /dev/null and b/Cyberarms.Agents.WebSecurity/bin/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.Agents.WebSecurity/bin/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.Agents.WebSecurity/bin/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..0b7344f
Binary files /dev/null and b/Cyberarms.Agents.WebSecurity/bin/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.Agents.WebSecurity/bin/Release/Cyberarms.IntrusionDetection.Api.xml b/Cyberarms.Agents.WebSecurity/bin/Release/Cyberarms.IntrusionDetection.Api.xml
new file mode 100644
index 0000000..b345d21
--- /dev/null
+++ b/Cyberarms.Agents.WebSecurity/bin/Release/Cyberarms.IntrusionDetection.Api.xml
@@ -0,0 +1,460 @@
+<?xml version="1.0"?>
+<doc>
+    <assembly>
+        <name>Cyberarms.IntrusionDetection.Api</name>
+    </assembly>
+    <members>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase">
+            <summary>
+            This class can be used as base class for custom configuration.
+            Using this base class,Intrusion Detectionautomatically loads and saves configuration values needed by your plugin.
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration">
+            <summary>
+            This interface provídes any property needed forIntrusion Detectionto load and save configuration values for your agent plugin.
+            It is used byIntrusion Detectioninternally, as agent developer, you don't have to care about this interface
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.GetConfigurationType">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.GetConfigurationType">
+            <summary>
+            Returns the type of custom configuration
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings. This must be marked with the System.Xml.Serialization.XmlIgnore() attribute,
+            and the property must ensure to return the right configuration for the plugin.
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.PluginConfigurationXml">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.FileName">
+            <summary>
+            The filename of an agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin">
+            <summary>
+            Base class for agents
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin">
+            <summary>
+            Interface for agents, must be implemented to create aIntrusion Detectionagent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.#ctor">
+            <summary>
+            Initialize the agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnAttackDetected(System.Object,Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+            <summary>
+            Is used to invoke all event listener delegates
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Notification arguments</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStartAgent">
+            <summary>
+            Override this method to do anything required to start your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnPauseAgent">
+            <summary>
+            Override this method to do anything required to pause your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStopAgent">
+            <summary>
+            Override this method to stop your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnContinueAgent">
+            <summary>
+            Override this method to continue your agent from the paused state
+            </summary>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>                
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener">
+            <summary>
+            NotificationReceiver
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener.NotificationReceiver(Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+             <summary>
+            Intrusion Detectioncalls the NotificationReceiver to forward notification event data 
+             </summary>
+             <param name="args"></param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.Names">
+            <summary>
+            Internal class needed for naming
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.Names.pluginTypeNames">
+            <summary>
+            Returns display names 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute">
+            <summary>
+            Custom attribute for plugins to specify displayname and description. 
+            TheIntrusion Detectionadministration software displays the values defined as class attribute
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+            <param name="version">Version number of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.DisplayName">
+            <summary>
+            Display name of your agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Description">
+            <summary>
+            Add a short description about what your agent does
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Version">
+            <summary>
+            Version number of your agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes">
+            <summary>
+            Plugin types
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.Agent">
+            <summary>
+            Type is agent
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.NotificationListener">
+            <summary>
+            Type is Listener
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler">
+            <summary>
+            Event handler for sending intrusion attempts to theIntrusion DetectionService
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Intrusion notification details</param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs">
+            <summary>
+            Notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs">
+            <summary>
+            Base class for notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration">
+            <summary>
+            Base class for plugin configuration settings
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration)">
+            <summary>
+            Clone from another PluginConfiguration of the same type
+            </summary>
+            <param name="source"></param>
+        </member>
+    </members>
+</doc>
diff --git a/Cyberarms.Agents.WebSecurity/bin/Release/mscorlib.dll b/Cyberarms.Agents.WebSecurity/bin/Release/mscorlib.dll
new file mode 100644
index 0000000..2e8c900
Binary files /dev/null and b/Cyberarms.Agents.WebSecurity/bin/Release/mscorlib.dll differ
diff --git a/Cyberarms.Agents.WebSecurity/bin/Release/normidna.nlp b/Cyberarms.Agents.WebSecurity/bin/Release/normidna.nlp
new file mode 100644
index 0000000..5a69df1
Binary files /dev/null and b/Cyberarms.Agents.WebSecurity/bin/Release/normidna.nlp differ
diff --git a/Cyberarms.Agents.WebSecurity/bin/Release/normnfc.nlp b/Cyberarms.Agents.WebSecurity/bin/Release/normnfc.nlp
new file mode 100644
index 0000000..f198144
Binary files /dev/null and b/Cyberarms.Agents.WebSecurity/bin/Release/normnfc.nlp differ
diff --git a/Cyberarms.Agents.WebSecurity/bin/Release/normnfd.nlp b/Cyberarms.Agents.WebSecurity/bin/Release/normnfd.nlp
new file mode 100644
index 0000000..16e88e1
Binary files /dev/null and b/Cyberarms.Agents.WebSecurity/bin/Release/normnfd.nlp differ
diff --git a/Cyberarms.Agents.WebSecurity/bin/Release/normnfkc.nlp b/Cyberarms.Agents.WebSecurity/bin/Release/normnfkc.nlp
new file mode 100644
index 0000000..55406db
Binary files /dev/null and b/Cyberarms.Agents.WebSecurity/bin/Release/normnfkc.nlp differ
diff --git a/Cyberarms.Agents.WebSecurity/bin/Release/normnfkd.nlp b/Cyberarms.Agents.WebSecurity/bin/Release/normnfkd.nlp
new file mode 100644
index 0000000..b7386c4
Binary files /dev/null and b/Cyberarms.Agents.WebSecurity/bin/Release/normnfkd.nlp differ
diff --git a/Cyberarms.Agents.WebSecurity/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.Agents.WebSecurity/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.Agents.WebSecurity/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.Agents.WebSecurity/obj/Release/Cyberarms.Agents.WebSecurity.Resource.resources b/Cyberarms.Agents.WebSecurity/obj/Release/Cyberarms.Agents.WebSecurity.Resource.resources
new file mode 100644
index 0000000..7506bc9
Binary files /dev/null and b/Cyberarms.Agents.WebSecurity/obj/Release/Cyberarms.Agents.WebSecurity.Resource.resources differ
diff --git a/Cyberarms.Agents.WebSecurity/obj/Release/Cyberarms.Agents.WebSecurity.csproj.FileListAbsolute.txt b/Cyberarms.Agents.WebSecurity/obj/Release/Cyberarms.Agents.WebSecurity.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..69e3944
--- /dev/null
+++ b/Cyberarms.Agents.WebSecurity/obj/Release/Cyberarms.Agents.WebSecurity.csproj.FileListAbsolute.txt
@@ -0,0 +1,15 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.WebSecurity\bin\Release\Cyberarms.Agents.WebSecurity.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.WebSecurity\bin\Release\Cyberarms.Agents.WebSecurity.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.WebSecurity\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.WebSecurity\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.WebSecurity\bin\Release\Cyberarms.IntrusionDetection.Api.xml
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.WebSecurity\obj\Release\Cyberarms.Agents.WebSecurity.Resource.resources
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.WebSecurity\obj\Release\Cyberarms.Agents.WebSecurity.csproj.GenerateResource.Cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.WebSecurity\obj\Release\Cyberarms.Agents.WebSecurity.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.WebSecurity\obj\Release\Cyberarms.Agents.WebSecurity.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.WebSecurity\bin\Release\mscorlib.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.WebSecurity\bin\Release\normidna.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.WebSecurity\bin\Release\normnfc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.WebSecurity\bin\Release\normnfd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.WebSecurity\bin\Release\normnfkc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.Agents.WebSecurity\bin\Release\normnfkd.nlp
diff --git a/Cyberarms.Agents.WebSecurity/obj/Release/Cyberarms.Agents.WebSecurity.csproj.GenerateResource.Cache b/Cyberarms.Agents.WebSecurity/obj/Release/Cyberarms.Agents.WebSecurity.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..a76e471
Binary files /dev/null and b/Cyberarms.Agents.WebSecurity/obj/Release/Cyberarms.Agents.WebSecurity.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.Agents.WebSecurity/obj/Release/Cyberarms.Agents.WebSecurity.dll b/Cyberarms.Agents.WebSecurity/obj/Release/Cyberarms.Agents.WebSecurity.dll
new file mode 100644
index 0000000..550c011
Binary files /dev/null and b/Cyberarms.Agents.WebSecurity/obj/Release/Cyberarms.Agents.WebSecurity.dll differ
diff --git a/Cyberarms.Agents.WebSecurity/obj/Release/Cyberarms.Agents.WebSecurity.pdb b/Cyberarms.Agents.WebSecurity/obj/Release/Cyberarms.Agents.WebSecurity.pdb
new file mode 100644
index 0000000..85ec181
Binary files /dev/null and b/Cyberarms.Agents.WebSecurity/obj/Release/Cyberarms.Agents.WebSecurity.pdb differ
diff --git a/Cyberarms.IDDS.Management/Cyberarms.IDDS.Management.csproj b/Cyberarms.IDDS.Management/Cyberarms.IDDS.Management.csproj
index f72d2a6..7d7d993 100644
--- a/Cyberarms.IDDS.Management/Cyberarms.IDDS.Management.csproj
+++ b/Cyberarms.IDDS.Management/Cyberarms.IDDS.Management.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.IDDS.Management</RootNamespace>
     <AssemblyName>iddsadmin</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
     <SccLocalPath>SAK</SccLocalPath>
@@ -88,4 +88,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.IDDS.Management/app.config b/Cyberarms.IDDS.Management/app.config
new file mode 100644
index 0000000..a1195e1
--- /dev/null
+++ b/Cyberarms.IDDS.Management/app.config
@@ -0,0 +1,14 @@
+<?xml version="1.0"?>
+<configuration>
+  <startup>
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
+  </startup>
+  <runtime>
+    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+      <dependentAssembly>
+        <assemblyIdentity name="System.Data.SQLite" publicKeyToken="db937bc2d44ff139" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="1.0.112.1" />
+      </dependentAssembly>
+    </assemblyBinding>
+  </runtime>
+</configuration>
diff --git a/Cyberarms.IDDS.Management/bin/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.IDDS.Management/bin/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..1647cea
Binary files /dev/null and b/Cyberarms.IDDS.Management/bin/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.IDDS.Management/bin/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.IDDS.Management/bin/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..0b7344f
Binary files /dev/null and b/Cyberarms.IDDS.Management/bin/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.IDDS.Management/bin/Release/Cyberarms.IntrusionDetection.Api.xml b/Cyberarms.IDDS.Management/bin/Release/Cyberarms.IntrusionDetection.Api.xml
new file mode 100644
index 0000000..b345d21
--- /dev/null
+++ b/Cyberarms.IDDS.Management/bin/Release/Cyberarms.IntrusionDetection.Api.xml
@@ -0,0 +1,460 @@
+<?xml version="1.0"?>
+<doc>
+    <assembly>
+        <name>Cyberarms.IntrusionDetection.Api</name>
+    </assembly>
+    <members>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase">
+            <summary>
+            This class can be used as base class for custom configuration.
+            Using this base class,Intrusion Detectionautomatically loads and saves configuration values needed by your plugin.
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration">
+            <summary>
+            This interface provídes any property needed forIntrusion Detectionto load and save configuration values for your agent plugin.
+            It is used byIntrusion Detectioninternally, as agent developer, you don't have to care about this interface
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.GetConfigurationType">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.GetConfigurationType">
+            <summary>
+            Returns the type of custom configuration
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings. This must be marked with the System.Xml.Serialization.XmlIgnore() attribute,
+            and the property must ensure to return the right configuration for the plugin.
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.PluginConfigurationXml">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.FileName">
+            <summary>
+            The filename of an agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin">
+            <summary>
+            Base class for agents
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin">
+            <summary>
+            Interface for agents, must be implemented to create aIntrusion Detectionagent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.#ctor">
+            <summary>
+            Initialize the agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnAttackDetected(System.Object,Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+            <summary>
+            Is used to invoke all event listener delegates
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Notification arguments</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStartAgent">
+            <summary>
+            Override this method to do anything required to start your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnPauseAgent">
+            <summary>
+            Override this method to do anything required to pause your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStopAgent">
+            <summary>
+            Override this method to stop your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnContinueAgent">
+            <summary>
+            Override this method to continue your agent from the paused state
+            </summary>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>                
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener">
+            <summary>
+            NotificationReceiver
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener.NotificationReceiver(Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+             <summary>
+            Intrusion Detectioncalls the NotificationReceiver to forward notification event data 
+             </summary>
+             <param name="args"></param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.Names">
+            <summary>
+            Internal class needed for naming
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.Names.pluginTypeNames">
+            <summary>
+            Returns display names 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute">
+            <summary>
+            Custom attribute for plugins to specify displayname and description. 
+            TheIntrusion Detectionadministration software displays the values defined as class attribute
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+            <param name="version">Version number of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.DisplayName">
+            <summary>
+            Display name of your agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Description">
+            <summary>
+            Add a short description about what your agent does
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Version">
+            <summary>
+            Version number of your agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes">
+            <summary>
+            Plugin types
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.Agent">
+            <summary>
+            Type is agent
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.NotificationListener">
+            <summary>
+            Type is Listener
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler">
+            <summary>
+            Event handler for sending intrusion attempts to theIntrusion DetectionService
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Intrusion notification details</param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs">
+            <summary>
+            Notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs">
+            <summary>
+            Base class for notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration">
+            <summary>
+            Base class for plugin configuration settings
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration)">
+            <summary>
+            Clone from another PluginConfiguration of the same type
+            </summary>
+            <param name="source"></param>
+        </member>
+    </members>
+</doc>
diff --git a/Cyberarms.IDDS.Management/bin/Release/Cyberarms.IntrusionDetection.Shared.dll b/Cyberarms.IDDS.Management/bin/Release/Cyberarms.IntrusionDetection.Shared.dll
new file mode 100644
index 0000000..ace3fea
Binary files /dev/null and b/Cyberarms.IDDS.Management/bin/Release/Cyberarms.IntrusionDetection.Shared.dll differ
diff --git a/Cyberarms.IDDS.Management/bin/Release/Cyberarms.IntrusionDetection.Shared.pdb b/Cyberarms.IDDS.Management/bin/Release/Cyberarms.IntrusionDetection.Shared.pdb
new file mode 100644
index 0000000..d3920e3
Binary files /dev/null and b/Cyberarms.IDDS.Management/bin/Release/Cyberarms.IntrusionDetection.Shared.pdb differ
diff --git a/Cyberarms.IDDS.Management/bin/Release/Microsoft.CSharp.dll b/Cyberarms.IDDS.Management/bin/Release/Microsoft.CSharp.dll
new file mode 100644
index 0000000..41c3956
Binary files /dev/null and b/Cyberarms.IDDS.Management/bin/Release/Microsoft.CSharp.dll differ
diff --git a/Cyberarms.IDDS.Management/bin/Release/iddsadmin.exe b/Cyberarms.IDDS.Management/bin/Release/iddsadmin.exe
new file mode 100644
index 0000000..faf3ce6
Binary files /dev/null and b/Cyberarms.IDDS.Management/bin/Release/iddsadmin.exe differ
diff --git a/Cyberarms.IDDS.Management/bin/Release/iddsadmin.pdb b/Cyberarms.IDDS.Management/bin/Release/iddsadmin.pdb
new file mode 100644
index 0000000..3d5e321
Binary files /dev/null and b/Cyberarms.IDDS.Management/bin/Release/iddsadmin.pdb differ
diff --git a/Cyberarms.IDDS.Management/bin/Release/mscorlib.dll b/Cyberarms.IDDS.Management/bin/Release/mscorlib.dll
new file mode 100644
index 0000000..2e8c900
Binary files /dev/null and b/Cyberarms.IDDS.Management/bin/Release/mscorlib.dll differ
diff --git a/Cyberarms.IDDS.Management/bin/Release/normidna.nlp b/Cyberarms.IDDS.Management/bin/Release/normidna.nlp
new file mode 100644
index 0000000..5a69df1
Binary files /dev/null and b/Cyberarms.IDDS.Management/bin/Release/normidna.nlp differ
diff --git a/Cyberarms.IDDS.Management/bin/Release/normnfc.nlp b/Cyberarms.IDDS.Management/bin/Release/normnfc.nlp
new file mode 100644
index 0000000..f198144
Binary files /dev/null and b/Cyberarms.IDDS.Management/bin/Release/normnfc.nlp differ
diff --git a/Cyberarms.IDDS.Management/bin/Release/normnfd.nlp b/Cyberarms.IDDS.Management/bin/Release/normnfd.nlp
new file mode 100644
index 0000000..16e88e1
Binary files /dev/null and b/Cyberarms.IDDS.Management/bin/Release/normnfd.nlp differ
diff --git a/Cyberarms.IDDS.Management/bin/Release/normnfkc.nlp b/Cyberarms.IDDS.Management/bin/Release/normnfkc.nlp
new file mode 100644
index 0000000..55406db
Binary files /dev/null and b/Cyberarms.IDDS.Management/bin/Release/normnfkc.nlp differ
diff --git a/Cyberarms.IDDS.Management/bin/Release/normnfkd.nlp b/Cyberarms.IDDS.Management/bin/Release/normnfkd.nlp
new file mode 100644
index 0000000..b7386c4
Binary files /dev/null and b/Cyberarms.IDDS.Management/bin/Release/normnfkd.nlp differ
diff --git a/Cyberarms.IDDS.Management/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.IDDS.Management/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.IDDS.Management/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.IDDS.Management/obj/Release/Cyberarms.IDDS.Management.csproj.FileListAbsolute.txt b/Cyberarms.IDDS.Management/obj/Release/Cyberarms.IDDS.Management.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..b5f4da2
--- /dev/null
+++ b/Cyberarms.IDDS.Management/obj/Release/Cyberarms.IDDS.Management.csproj.FileListAbsolute.txt
@@ -0,0 +1,17 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\bin\Release\iddsadmin.exe
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\bin\Release\iddsadmin.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\bin\Release\Cyberarms.IntrusionDetection.Shared.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\bin\Release\Microsoft.CSharp.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\bin\Release\Cyberarms.IntrusionDetection.Shared.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\bin\Release\Cyberarms.IntrusionDetection.Api.xml
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\obj\Release\iddsadmin.exe
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\obj\Release\iddsadmin.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\bin\Release\mscorlib.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\bin\Release\normidna.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\bin\Release\normnfc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\bin\Release\normnfd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\bin\Release\normnfkc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\bin\Release\normnfkd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IDDS.Management\obj\Release\Cyberarms.IDDS.Management.csprojResolveAssemblyReference.cache
diff --git a/Cyberarms.IDDS.Management/obj/Release/Cyberarms.IDDS.Management.csprojResolveAssemblyReference.cache b/Cyberarms.IDDS.Management/obj/Release/Cyberarms.IDDS.Management.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..e1f84a7
Binary files /dev/null and b/Cyberarms.IDDS.Management/obj/Release/Cyberarms.IDDS.Management.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.IDDS.Management/obj/Release/iddsadmin.exe b/Cyberarms.IDDS.Management/obj/Release/iddsadmin.exe
new file mode 100644
index 0000000..faf3ce6
Binary files /dev/null and b/Cyberarms.IDDS.Management/obj/Release/iddsadmin.exe differ
diff --git a/Cyberarms.IDDS.Management/obj/Release/iddsadmin.pdb b/Cyberarms.IDDS.Management/obj/Release/iddsadmin.pdb
new file mode 100644
index 0000000..3d5e321
Binary files /dev/null and b/Cyberarms.IDDS.Management/obj/Release/iddsadmin.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Admin/Cyberarms.IntrusionDetection.Admin.csproj b/Cyberarms.IntrusionDetection.Admin/Cyberarms.IntrusionDetection.Admin.csproj
index cbc096b..d0d996b 100644
--- a/Cyberarms.IntrusionDetection.Admin/Cyberarms.IntrusionDetection.Admin.csproj
+++ b/Cyberarms.IntrusionDetection.Admin/Cyberarms.IntrusionDetection.Admin.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.IntrusionDetection.Admin</RootNamespace>
     <AssemblyName>IntrusionDetectionAdmin</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <TargetFrameworkProfile>
     </TargetFrameworkProfile>
     <FileAlignment>512</FileAlignment>
@@ -395,35 +395,6 @@
   <ItemGroup>
     <None Include="Resources\realvista_3dgraphics_gear_16.png" />
   </ItemGroup>
-  <ItemGroup>
-    <COMReference Include="NATUPNPLib">
-      <Guid>{1C565858-F302-471E-B409-F180AA4ABEC6}</Guid>
-      <VersionMajor>1</VersionMajor>
-      <VersionMinor>0</VersionMinor>
-      <Lcid>0</Lcid>
-      <WrapperTool>tlbimp</WrapperTool>
-      <Isolated>False</Isolated>
-      <EmbedInteropTypes>True</EmbedInteropTypes>
-    </COMReference>
-    <COMReference Include="NETCONLib">
-      <Guid>{43E734CA-043D-4A70-9A2C-A8F254063D91}</Guid>
-      <VersionMajor>1</VersionMajor>
-      <VersionMinor>0</VersionMinor>
-      <Lcid>0</Lcid>
-      <WrapperTool>tlbimp</WrapperTool>
-      <Isolated>False</Isolated>
-      <EmbedInteropTypes>True</EmbedInteropTypes>
-    </COMReference>
-    <COMReference Include="NetFwTypeLib">
-      <Guid>{58FBCF7C-E7A9-467C-80B3-FC65E8FCCA08}</Guid>
-      <VersionMajor>1</VersionMajor>
-      <VersionMinor>0</VersionMinor>
-      <Lcid>0</Lcid>
-      <WrapperTool>tlbimp</WrapperTool>
-      <Isolated>False</Isolated>
-      <EmbedInteropTypes>True</EmbedInteropTypes>
-    </COMReference>
-  </ItemGroup>
   <ItemGroup>
     <None Include="Resources\realvista_general_unlock_32.png" />
   </ItemGroup>
@@ -565,4 +536,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.IntrusionDetection.Admin/CyberarmsCurrentLocks.Designer.cs b/Cyberarms.IntrusionDetection.Admin/CyberarmsCurrentLocks.Designer.cs
index 28d659c..d1bf728 100644
--- a/Cyberarms.IntrusionDetection.Admin/CyberarmsCurrentLocks.Designer.cs
+++ b/Cyberarms.IntrusionDetection.Admin/CyberarmsCurrentLocks.Designer.cs
@@ -1,4 +1,4 @@
-namespace Cyberarms.IntrusionDetection.Admin {
+namespace Cyberarms.IntrusionDetection.Admin {
     partial class CyberarmsCurrentLocks {
         /// <summary> 
         /// Required designer variable.
@@ -209,7 +209,7 @@ private void InitializeComponent() {
             this.dataGridViewLocks.RowHeadersVisible = false;
             this.dataGridViewLocks.RowTemplate.DefaultCellStyle.Font = new System.Drawing.Font("Segoe UI", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0)));
             this.dataGridViewLocks.RowTemplate.DefaultCellStyle.ForeColor = System.Drawing.Color.FromArgb(((int)(((byte)(102)))), ((int)(((byte)(102)))), ((int)(((byte)(102)))));
-            this.dataGridViewLocks.RowTemplate.ReadOnly = true;
+            this.dataGridViewLocks.RowTemplate.ReadOnly = false;
             this.dataGridViewLocks.ScrollBars = System.Windows.Forms.ScrollBars.Vertical;
             this.dataGridViewLocks.SelectionMode = System.Windows.Forms.DataGridViewSelectionMode.FullRowSelect;
             this.dataGridViewLocks.Size = new System.Drawing.Size(802, 297);
diff --git a/Cyberarms.IntrusionDetection.Admin/CyberarmsCurrentLocks.cs b/Cyberarms.IntrusionDetection.Admin/CyberarmsCurrentLocks.cs
index 2a79903..bb7ac08 100644
--- a/Cyberarms.IntrusionDetection.Admin/CyberarmsCurrentLocks.cs
+++ b/Cyberarms.IntrusionDetection.Admin/CyberarmsCurrentLocks.cs
@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.ComponentModel;
 using System.Drawing;
@@ -96,10 +96,80 @@ private void actionMenuUnlock_Click(object sender, EventArgs e) {
             }
         }
 
-       
+        public void UpdateLocksList(List<LockInfo> dbLocks) {
+            bool changed = false;
+            if (dataGridViewLocks.Rows.Count != dbLocks.Count) {
+                changed = true;
+            } else {
+                for (int i = 0; i < dbLocks.Count; i++) {
+                    DataGridViewRow row = dataGridViewLocks.Rows[i];
+                    LockInfo dbLock = dbLocks[i];
+                    if (row.Cells[7].Value == null || row.Cells[7].Value.ToString() != dbLock.Id.ToString()) {
+                        changed = true;
+                        break;
+                    }
+                    if (row.Cells[2].Value == null || row.Cells[2].Value.ToString() != dbLock.StatusName) {
+                        changed = true;
+                        break;
+                    }
+                    if (row.Cells[3].Value == null || row.Cells[3].Value.ToString() != dbLock.ClientIp) {
+                        changed = true;
+                        break;
+                    }
+                    if (row.Cells[8].Value == null || int.Parse(row.Cells[8].Value.ToString()) != dbLock.Status) {
+                        changed = true;
+                        break;
+                    }
+                    if (row.Cells[6].Value == null) {
+                        changed = true;
+                        break;
+                    }
+                    DateTime gridUnlockDate;
+                    if (row.Cells[6].Value is DateTime) {
+                        gridUnlockDate = (DateTime)row.Cells[6].Value;
+                    } else if (!DateTime.TryParse(row.Cells[6].Value.ToString(), out gridUnlockDate)) {
+                        changed = true;
+                        break;
+                    }
+                    if (Math.Abs((gridUnlockDate - dbLock.UnlockDate).TotalSeconds) > 1) {
+                        changed = true;
+                        break;
+                    }
+                }
+            }
 
-       
+            if (changed) {
+                int firstVisibleRowIndex = dataGridViewLocks.FirstDisplayedScrollingRowIndex;
+                dataGridViewLocks.Rows.Clear();
+                foreach (LockInfo dbLock in dbLocks) {
+                    int rowIndex = dataGridViewLocks.Rows.Add();
+                    DataGridViewRow row = dataGridViewLocks.Rows[rowIndex];
+                    row.Cells[0].Value = false;
+                    (row.Cells[1] as DataGridViewImageCell).Value = global::Cyberarms.IntrusionDetection.Admin.Properties.Resources.logIcon_softLock;
+                    row.Cells[2].Value = dbLock.StatusName;
+                    row.Cells[3].Value = dbLock.ClientIp;
+                    row.Cells[4].Value = dbLock.DisplayName;
+                    row.Cells[5].Value = dbLock.LockDate;
+                    row.Cells[6].Value = dbLock.UnlockDate;
+                    row.Cells[7].Value = dbLock.Id.ToString();
+                    row.Cells[8].Value = dbLock.Status;
+                }
+                if (firstVisibleRowIndex >= 0 && firstVisibleRowIndex < dataGridViewLocks.Rows.Count) {
+                    try {
+                        dataGridViewLocks.FirstDisplayedScrollingRowIndex = firstVisibleRowIndex;
+                    } catch { }
+                }
+            }
+        }
+    }
 
-       
+    public class LockInfo {
+        public int Id { get; set; }
+        public string StatusName { get; set; }
+        public string ClientIp { get; set; }
+        public string DisplayName { get; set; }
+        public DateTime LockDate { get; set; }
+        public DateTime UnlockDate { get; set; }
+        public int Status { get; set; }
     }
 }
diff --git a/Cyberarms.IntrusionDetection.Admin/IddsAdmin.cs b/Cyberarms.IntrusionDetection.Admin/IddsAdmin.cs
index 0539dd4..15775b6 100644
--- a/Cyberarms.IntrusionDetection.Admin/IddsAdmin.cs
+++ b/Cyberarms.IntrusionDetection.Admin/IddsAdmin.cs
@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.ComponentModel;
 using System.Data;
@@ -105,32 +105,39 @@ public CyberarmsSecurityLog PanelSecurityLog {
                     _panelSecurityLog = new CyberarmsSecurityLog();
                     _panelSecurityLog.Dock = DockStyle.Fill;
                     panelContent.Controls.Add(_panelSecurityLog);
-                    IsUpdating = true;
-                    
-                    IDataReader rdr = IntrusionLog.ReadIntervalGrouped(new TimeSpan(24, 0, 0));
-                    int maxLogId = LastLogId;
-                    while (rdr.Read()) {
-                        int action = int.Parse(rdr["Action"].ToString());
-                        string agentId = Shared.Db.DbValueConverter.ToString(rdr["AgentId"]);
-                        PanelSecurityLog.FillLogEntry(int.Parse(rdr["MaxId"].ToString()), 
-                                int.Parse(rdr["Action"].ToString()), 
-                                agentId, 
-                                IntrusionLog.GetStatusIcon(action), 
-                                IntrusionLog.GetStatusClass(action), DateTime.Parse(rdr["LatestEvent"].ToString()), 
-                                rdr["ClientIP"].ToString(), 
-                                GetLogMessage(agentId,action),
-                                int.Parse(rdr["NumberOfEvents"].ToString()));
-                        if (Convert.ToInt32(rdr["MaxId"]) > maxLogId) maxLogId = Convert.ToInt32(rdr["MaxId"]);
-                    } 
-                    if(maxLogId==0) {
-                        LastLogId = IntrusionLog.GetLastLogId();
-                    }
-                    foreach (SecurityAgent agent in SecurityAgents.Instance) {
-                        _panelSecurityLog.AddAgent(agent);
+                    try {
+                        IsUpdating = true;
+                        using (IDataReader rdr = IntrusionLog.ReadIntervalGrouped(new TimeSpan(24, 0, 0))) {
+                            int maxLogId = LastLogId;
+                            while (rdr.Read()) {
+                                int action = int.Parse(rdr["Action"].ToString());
+                                string agentId = Shared.Db.DbValueConverter.ToString(rdr["AgentId"]);
+                                PanelSecurityLog.FillLogEntry(int.Parse(rdr["MaxId"].ToString()), 
+                                        int.Parse(rdr["Action"].ToString()), 
+                                        agentId, 
+                                        IntrusionLog.GetStatusIcon(action), 
+                                        IntrusionLog.GetStatusClass(action), Shared.Db.DbValueConverter.ToDateTime(rdr["LatestEvent"]), 
+                                        rdr["ClientIP"].ToString(), 
+                                        GetLogMessage(agentId,action),
+                                        int.Parse(rdr["NumberOfEvents"].ToString()));
+                                if (Convert.ToInt32(rdr["MaxId"]) > maxLogId) maxLogId = Convert.ToInt32(rdr["MaxId"]);
+                            } 
+                            if(maxLogId==0) {
+                                LastLogId = IntrusionLog.GetLastLogId();
+                            }
+                            foreach (SecurityAgent agent in SecurityAgents.Instance) {
+                                _panelSecurityLog.AddAgent(agent);
+                            }
+                            rdr.Close();
+                            if (maxLogId > LastLogId) LastLogId = maxLogId;
+                        }
+                    } catch (Exception ex) {
+                        try {
+                            WriteEntry("Error loading Security Log: " + ex.ToString(), EventLogEntryType.Error, 9999, 1);
+                        } catch { }
+                    } finally {
+                        IsUpdating = false;
                     }
-                    rdr.Close();
-                    if (maxLogId > LastLogId) LastLogId = maxLogId;
-                    IsUpdating = false;
                 }
                 return _panelSecurityLog;
             }
@@ -225,64 +232,79 @@ public string GetLogMessage(string agentId, int action) {
         void logReader_Tick(object sender, EventArgs e) {
             DateTime metering = DateTime.Now;
             if (!IsUpdating && Database.Instance.IsConfigured) {
-                IsUpdating = true;
-                if (CurrentMenu == labelMenuSecurityLog && IntrusionLog.HasUpdates(LastLogId)) {
-                    IDataReader rdr = IntrusionLog.ReadDifferential(LastLogId);
-                    int maxLogId = LastLogId;
-                    while (rdr.Read()) {
-                        int action = int.Parse(rdr["Action"].ToString());
-                        string agentId = Shared.Db.DbValueConverter.ToString(rdr["AgentId"]);
-                        PanelSecurityLog.AddLogEntry(int.Parse(rdr["id"].ToString()), action, 
-                            agentId, 
-                            IntrusionLog.GetStatusIcon(action), 
-                            IntrusionLog.GetStatusClass(action), DateTime.Parse(rdr["IncidentTime"].ToString()), rdr["ClientIP"].ToString(), 
-                            GetLogMessage(agentId,action));
-                        if (Convert.ToInt32(rdr["Id"]) > maxLogId) maxLogId = Convert.ToInt32(rdr["Id"]);
-                    }
-                    rdr.Close();
-                    rdr.Dispose();
-                    if (maxLogId > LastLogId) LastLogId = maxLogId;
-                }
-                
-                if (CurrentMenu == labelMenuCurrentLocks && Locks.HasUpdates(LastLockUpdate)) {
-                    LastLockUpdate = DateTime.Now;
-                    PanelCurrentLocks.Clear();
-                    IDataReader locksReader = Locks.ReadLocks(); 
-                    while (locksReader.Read()) {
-                        DateTime lockDate;
-                        DateTime unlockDate;
-                        DateTime.TryParse(locksReader["LockDate"].ToString(), out lockDate);
-                        DateTime.TryParse(locksReader["UnlockDate"].ToString(), out unlockDate);
-                        PanelCurrentLocks.Add(int.Parse(locksReader["LockId"].ToString()), global::Cyberarms.IntrusionDetection.Admin.Properties.Resources.logIcon_softLock,
-                            LockStatusAdapter.GetLockStatusName(int.Parse(locksReader["Status"].ToString())), locksReader["ClientIp"].ToString(), 
-                            locksReader["DisplayName"].ToString(),
-                            lockDate, unlockDate, IntrusionDetection.Shared.Db.DbValueConverter.ToInt(locksReader["Status"]));
-                    }
-                    locksReader.Close();
-                    locksReader.Dispose();
+                try {
+                    IsUpdating = true;
                     
-                }
-                if (CurrentMenu == labelMenuHome) {
-                    Dashboard.SetUnsuccessfulLogins(Locks.ReadUnsuccessfulLoginAttempts(DateTime.Now.AddDays(-30)));
-                    foreach(SecurityAgent agent in SecurityAgents.Instance) {
-                        agent.UpdateStatistics();
+                    // Force SQLite to refresh its page cache by reopening the connection
+                    try {
+                        Database.Instance.CloseConnection();
+                        Database.Instance.OpenConnection();
+                    } catch { }
+
+                    if (CurrentMenu == labelMenuSecurityLog && IntrusionLog.HasUpdates(LastLogId)) {
+                        using (IDataReader rdr = IntrusionLog.ReadDifferential(LastLogId)) {
+                            int maxLogId = LastLogId;
+                            while (rdr.Read()) {
+                                int action = int.Parse(rdr["Action"].ToString());
+                                string agentId = Shared.Db.DbValueConverter.ToString(rdr["AgentId"]);
+                                PanelSecurityLog.AddLogEntry(int.Parse(rdr["id"].ToString()), action, 
+                                    agentId, 
+                                    IntrusionLog.GetStatusIcon(action), 
+                                    IntrusionLog.GetStatusClass(action), Shared.Db.DbValueConverter.ToDateTime(rdr["IncidentTime"]), rdr["ClientIP"].ToString(), 
+                                    GetLogMessage(agentId,action));
+                                if (Convert.ToInt32(rdr["Id"]) > maxLogId) maxLogId = Convert.ToInt32(rdr["Id"]);
+                            }
+                            rdr.Close();
+                            if (maxLogId > LastLogId) LastLogId = maxLogId;
+                        }
                     }
-                }
-                if (CurrentMenu == labelMenuHome || CurrentMenu == labelMenuCurrentLocks) {
-                    int softLocks = Locks.ReadCurrentSoftLocks();
-                    int hardLocks = Locks.ReadCurrentHardLocks();
-                    PanelCurrentLocks.SetSoftLocks(softLocks);
-                    PanelCurrentLocks.SetHardLocks(hardLocks);
-                    Dashboard.SetHardLocks(hardLocks);
-                    Dashboard.SetSoftLocks(softLocks);
                     
-                }
-                if (!IsInitialized || (CurrentMenu == labelMenuHome || CurrentMenu == labelMenuSecurityLog)) {
-                // ?? 
+                    if (CurrentMenu == labelMenuCurrentLocks) {
+                        List<LockInfo> dbLocks = new List<LockInfo>();
+                        using (IDataReader locksReader = Locks.ReadLocks()) {
+                            while (locksReader.Read()) {
+                                DateTime lockDate;
+                                DateTime unlockDate;
+                                DateTime.TryParse(Shared.Db.DbValueConverter.ToString(locksReader["LockDate"]), out lockDate);
+                                DateTime.TryParse(Shared.Db.DbValueConverter.ToString(locksReader["UnlockDate"]), out unlockDate);
+                                dbLocks.Add(new LockInfo {
+                                    Id = IntrusionDetection.Shared.Db.DbValueConverter.ToInt(locksReader["LockId"]),
+                                    StatusName = LockStatusAdapter.GetLockStatusName(IntrusionDetection.Shared.Db.DbValueConverter.ToInt(locksReader["Status"])),
+                                    ClientIp = Shared.Db.DbValueConverter.ToString(locksReader["ClientIp"]),
+                                    DisplayName = Shared.Db.DbValueConverter.ToString(locksReader["DisplayName"]),
+                                    LockDate = lockDate,
+                                    UnlockDate = unlockDate,
+                                    Status = IntrusionDetection.Shared.Db.DbValueConverter.ToInt(locksReader["Status"])
+                                });
+                            }
+                            locksReader.Close();
+                        }
+                        PanelCurrentLocks.UpdateLocksList(dbLocks);
+                    }
+                    if (CurrentMenu == labelMenuHome) {
+                        Dashboard.SetUnsuccessfulLogins(Locks.ReadUnsuccessfulLoginAttempts(DateTime.Now.AddDays(-30)));
+                        foreach(SecurityAgent agent in SecurityAgents.Instance) {
+                            agent.UpdateStatistics();
+                        }
+                    }
+                    if (CurrentMenu == labelMenuHome || CurrentMenu == labelMenuCurrentLocks) {
+                        int softLocks = Locks.ReadCurrentSoftLocks();
+                        int hardLocks = Locks.ReadCurrentHardLocks();
+                        PanelCurrentLocks.SetSoftLocks(softLocks);
+                        PanelCurrentLocks.SetHardLocks(hardLocks);
+                        Dashboard.SetHardLocks(hardLocks);
+                        Dashboard.SetSoftLocks(softLocks);
+                    }
+                } catch (Exception ex) {
+                    try {
+                        WriteEntry("Error in logReader_Tick: " + ex.ToString(), EventLogEntryType.Error, 9999, 1);
+                    } catch { }
+                    System.Diagnostics.Debug.Print("Exception in logReader_Tick: " + ex.ToString());
+                } finally {
+                    IsUpdating = false;
                 }
             }
             IsInitialized = true;
-            IsUpdating = false;
             System.Diagnostics.Debug.Print(DateTime.Now.Subtract(metering).TotalMilliseconds.ToString());
         }
 
@@ -334,6 +356,7 @@ private void labelMenuHome_Click(object sender, EventArgs e) {
             ShowMenu(labelMenuHome);
             Dashboard.BringToFront();
             panelOnlineServices.Hide();
+            logReader_Tick(this, EventArgs.Empty);
         }
 
 
@@ -356,7 +379,7 @@ private void labelMenuSecurityLog_Click(object sender, EventArgs e) {
             //panelSecurityLog.BringToFront();
             PanelSecurityLog.BringToFront();
             panelOnlineServices.Hide();
-
+            logReader_Tick(this, EventArgs.Empty);
         }
 
         private void labelMenuAgents_Click(object sender, EventArgs e) {
@@ -594,6 +617,7 @@ private void labelMenuCurrentLocks_Click(object sender, EventArgs e) {
             //panelCurrentLocks.BringToFront();
             PanelCurrentLocks.BringToFront();
             panelOnlineServices.Hide();
+            logReader_Tick(this, EventArgs.Empty);
         }
 
 
diff --git a/Cyberarms.IntrusionDetection.Admin/app.config b/Cyberarms.IntrusionDetection.Admin/app.config
index f249f02..661ac5a 100644
--- a/Cyberarms.IntrusionDetection.Admin/app.config
+++ b/Cyberarms.IntrusionDetection.Admin/app.config
@@ -3,5 +3,11 @@
 <startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/></startup>
   <runtime>
     <loadFromRemoteSources enabled="true"/>
+    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+      <dependentAssembly>
+        <assemblyIdentity name="System.Data.SQLite" publicKeyToken="db937bc2d44ff139" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="1.0.112.1" />
+      </dependentAssembly>
+    </assemblyBinding>
   </runtime>
 </configuration>
diff --git a/Cyberarms.IntrusionDetection.Admin/bin/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.IntrusionDetection.Admin/bin/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..619b90c
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/bin/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.IntrusionDetection.Admin/bin/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.IntrusionDetection.Admin/bin/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..9c0630b
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/bin/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Admin/bin/Release/Cyberarms.IntrusionDetection.Shared.dll b/Cyberarms.IntrusionDetection.Admin/bin/Release/Cyberarms.IntrusionDetection.Shared.dll
new file mode 100644
index 0000000..d66902f
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/bin/Release/Cyberarms.IntrusionDetection.Shared.dll differ
diff --git a/Cyberarms.IntrusionDetection.Admin/bin/Release/Cyberarms.IntrusionDetection.Shared.pdb b/Cyberarms.IntrusionDetection.Admin/bin/Release/Cyberarms.IntrusionDetection.Shared.pdb
new file mode 100644
index 0000000..77412ad
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/bin/Release/Cyberarms.IntrusionDetection.Shared.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Admin/bin/Release/IntrusionDetectionAdmin.exe b/Cyberarms.IntrusionDetection.Admin/bin/Release/IntrusionDetectionAdmin.exe
new file mode 100644
index 0000000..c589d0c
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/bin/Release/IntrusionDetectionAdmin.exe differ
diff --git a/Cyberarms.IntrusionDetection.Admin/bin/Release/IntrusionDetectionAdmin.exe.config b/Cyberarms.IntrusionDetection.Admin/bin/Release/IntrusionDetectionAdmin.exe.config
new file mode 100644
index 0000000..661ac5a
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Admin/bin/Release/IntrusionDetectionAdmin.exe.config
@@ -0,0 +1,13 @@
+<?xml version="1.0"?>
+<configuration>
+<startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/></startup>
+  <runtime>
+    <loadFromRemoteSources enabled="true"/>
+    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+      <dependentAssembly>
+        <assemblyIdentity name="System.Data.SQLite" publicKeyToken="db937bc2d44ff139" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="1.0.112.1" />
+      </dependentAssembly>
+    </assemblyBinding>
+  </runtime>
+</configuration>
diff --git a/Cyberarms.IntrusionDetection.Admin/bin/Release/IntrusionDetectionAdmin.pdb b/Cyberarms.IntrusionDetection.Admin/bin/Release/IntrusionDetectionAdmin.pdb
new file mode 100644
index 0000000..e1b3e8a
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/bin/Release/IntrusionDetectionAdmin.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsAgentConfiguration.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsAgentConfiguration.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsAgentConfiguration.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsApplicationSettings.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsApplicationSettings.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsApplicationSettings.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsCurrentLocks.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsCurrentLocks.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsCurrentLocks.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsDashboard.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsDashboard.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsDashboard.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsSecurityLog.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsSecurityLog.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsSecurityLog.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsSettingsNavigation.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsSettingsNavigation.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsSettingsNavigation.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsSettingsNavigationItem.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsSettingsNavigationItem.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.CyberarmsSettingsNavigationItem.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.GenericErrorDialog.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.GenericErrorDialog.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.GenericErrorDialog.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.IddsAdmin.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.IddsAdmin.resources
new file mode 100644
index 0000000..1197ed2
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.IddsAdmin.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PanelLockoutConfiguration.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PanelLockoutConfiguration.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PanelLockoutConfiguration.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PanelNotificationSettings.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PanelNotificationSettings.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PanelNotificationSettings.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PanelPluginConfiguration.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PanelPluginConfiguration.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PanelPluginConfiguration.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PanelSafeNetworks.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PanelSafeNetworks.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PanelSafeNetworks.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PanelSmtpSettings.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PanelSmtpSettings.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PanelSmtpSettings.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PluginItem.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PluginItem.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.PluginItem.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.Properties.Resources.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.Properties.Resources.resources
new file mode 100644
index 0000000..8733919
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.Properties.Resources.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.RemoveLockForm.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.RemoveLockForm.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.RemoveLockForm.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.SmartForm.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.SmartForm.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.SmartForm.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.SmartLabel.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.SmartLabel.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.SmartLabel.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.SmartLabelTextbox.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.SmartLabelTextbox.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.SmartLabelTextbox.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.SplashScreen.resources b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.SplashScreen.resources
new file mode 100644
index 0000000..1197ed2
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.SplashScreen.resources differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.csproj.FileListAbsolute.txt b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..70985bd
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.csproj.FileListAbsolute.txt
@@ -0,0 +1,32 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.csprojResolveAssemblyReference.cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\bin\Release\IntrusionDetectionAdmin.exe.config
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\bin\Release\IntrusionDetectionAdmin.exe
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\bin\Release\IntrusionDetectionAdmin.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\bin\Release\Cyberarms.IntrusionDetection.Shared.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\bin\Release\Cyberarms.IntrusionDetection.Shared.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.CyberarmsApplicationSettings.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.CyberarmsAgentConfiguration.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.CyberarmsCurrentLocks.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.CyberarmsDashboard.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.CyberarmsSecurityLog.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.CyberarmsSettingsNavigation.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.CyberarmsSettingsNavigationItem.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.GenericErrorDialog.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.IddsAdmin.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.PanelLockoutConfiguration.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.PanelNotificationSettings.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.PanelPluginConfiguration.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.PanelSafeNetworks.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.PanelSmtpSettings.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.PluginItem.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.Properties.Resources.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.RemoveLockForm.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.SmartForm.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.SmartLabel.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.SmartLabelTextbox.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.SplashScreen.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\Cyberarms.IntrusionDetection.Admin.csproj.GenerateResource.Cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\IntrusionDetectionAdmin.exe
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\obj\x86\Release\IntrusionDetectionAdmin.pdb
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.csproj.GenerateResource.Cache b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..3640693
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.csprojResolveAssemblyReference.cache b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..589caba
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/Cyberarms.IntrusionDetection.Admin.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/IntrusionDetectionAdmin.exe b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/IntrusionDetectionAdmin.exe
new file mode 100644
index 0000000..c589d0c
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/IntrusionDetectionAdmin.exe differ
diff --git a/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/IntrusionDetectionAdmin.pdb b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/IntrusionDetectionAdmin.pdb
new file mode 100644
index 0000000..e1b3e8a
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Admin/obj/x86/Release/IntrusionDetectionAdmin.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Api/Cyberarms.IntrusionDetection.Api.csproj b/Cyberarms.IntrusionDetection.Api/Cyberarms.IntrusionDetection.Api.csproj
index 1666c34..fbc1ae4 100644
--- a/Cyberarms.IntrusionDetection.Api/Cyberarms.IntrusionDetection.Api.csproj
+++ b/Cyberarms.IntrusionDetection.Api/Cyberarms.IntrusionDetection.Api.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.IntrusionDetection.Api</RootNamespace>
     <AssemblyName>Cyberarms.IntrusionDetection.Api</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
     <SccLocalPath>SAK</SccLocalPath>
@@ -163,4 +163,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.IntrusionDetection.Api/bin/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.IntrusionDetection.Api/bin/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..f55bc90
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/bin/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.IntrusionDetection.Api/bin/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.IntrusionDetection.Api/bin/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..23381a9
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/bin/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Api/bin/Release/Cyberarms.IntrusionDetection.Api.xml b/Cyberarms.IntrusionDetection.Api/bin/Release/Cyberarms.IntrusionDetection.Api.xml
new file mode 100644
index 0000000..b345d21
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Api/bin/Release/Cyberarms.IntrusionDetection.Api.xml
@@ -0,0 +1,460 @@
+<?xml version="1.0"?>
+<doc>
+    <assembly>
+        <name>Cyberarms.IntrusionDetection.Api</name>
+    </assembly>
+    <members>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase">
+            <summary>
+            This class can be used as base class for custom configuration.
+            Using this base class,Intrusion Detectionautomatically loads and saves configuration values needed by your plugin.
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration">
+            <summary>
+            This interface provídes any property needed forIntrusion Detectionto load and save configuration values for your agent plugin.
+            It is used byIntrusion Detectioninternally, as agent developer, you don't have to care about this interface
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.GetConfigurationType">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.GetConfigurationType">
+            <summary>
+            Returns the type of custom configuration
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings. This must be marked with the System.Xml.Serialization.XmlIgnore() attribute,
+            and the property must ensure to return the right configuration for the plugin.
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.PluginConfigurationXml">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.FileName">
+            <summary>
+            The filename of an agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin">
+            <summary>
+            Base class for agents
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin">
+            <summary>
+            Interface for agents, must be implemented to create aIntrusion Detectionagent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.#ctor">
+            <summary>
+            Initialize the agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnAttackDetected(System.Object,Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+            <summary>
+            Is used to invoke all event listener delegates
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Notification arguments</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStartAgent">
+            <summary>
+            Override this method to do anything required to start your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnPauseAgent">
+            <summary>
+            Override this method to do anything required to pause your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStopAgent">
+            <summary>
+            Override this method to stop your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnContinueAgent">
+            <summary>
+            Override this method to continue your agent from the paused state
+            </summary>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>                
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener">
+            <summary>
+            NotificationReceiver
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener.NotificationReceiver(Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+             <summary>
+            Intrusion Detectioncalls the NotificationReceiver to forward notification event data 
+             </summary>
+             <param name="args"></param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.Names">
+            <summary>
+            Internal class needed for naming
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.Names.pluginTypeNames">
+            <summary>
+            Returns display names 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute">
+            <summary>
+            Custom attribute for plugins to specify displayname and description. 
+            TheIntrusion Detectionadministration software displays the values defined as class attribute
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+            <param name="version">Version number of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.DisplayName">
+            <summary>
+            Display name of your agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Description">
+            <summary>
+            Add a short description about what your agent does
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Version">
+            <summary>
+            Version number of your agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes">
+            <summary>
+            Plugin types
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.Agent">
+            <summary>
+            Type is agent
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.NotificationListener">
+            <summary>
+            Type is Listener
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler">
+            <summary>
+            Event handler for sending intrusion attempts to theIntrusion DetectionService
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Intrusion notification details</param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs">
+            <summary>
+            Notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs">
+            <summary>
+            Base class for notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration">
+            <summary>
+            Base class for plugin configuration settings
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration)">
+            <summary>
+            Clone from another PluginConfiguration of the same type
+            </summary>
+            <param name="source"></param>
+        </member>
+    </members>
+</doc>
diff --git a/Cyberarms.IntrusionDetection.Api/bin/Release/mscorlib.dll b/Cyberarms.IntrusionDetection.Api/bin/Release/mscorlib.dll
new file mode 100644
index 0000000..2e8c900
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/bin/Release/mscorlib.dll differ
diff --git a/Cyberarms.IntrusionDetection.Api/bin/Release/normidna.nlp b/Cyberarms.IntrusionDetection.Api/bin/Release/normidna.nlp
new file mode 100644
index 0000000..5a69df1
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/bin/Release/normidna.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Api/bin/Release/normnfc.nlp b/Cyberarms.IntrusionDetection.Api/bin/Release/normnfc.nlp
new file mode 100644
index 0000000..f198144
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/bin/Release/normnfc.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Api/bin/Release/normnfd.nlp b/Cyberarms.IntrusionDetection.Api/bin/Release/normnfd.nlp
new file mode 100644
index 0000000..16e88e1
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/bin/Release/normnfd.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Api/bin/Release/normnfkc.nlp b/Cyberarms.IntrusionDetection.Api/bin/Release/normnfkc.nlp
new file mode 100644
index 0000000..55406db
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/bin/Release/normnfkc.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Api/bin/Release/normnfkd.nlp b/Cyberarms.IntrusionDetection.Api/bin/Release/normnfkd.nlp
new file mode 100644
index 0000000..b7386c4
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/bin/Release/normnfkd.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Api/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.IntrusionDetection.Api/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..619b90c
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.IntrusionDetection.Api/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.IntrusionDetection.Api/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..9c0630b
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Api/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.IntrusionDetection.Api/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Api/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.IntrusionDetection.Api/obj/Release/Cyberarms.IntrusionDetection.Api.csproj.FileListAbsolute.txt b/Cyberarms.IntrusionDetection.Api/obj/Release/Cyberarms.IntrusionDetection.Api.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..6f95103
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Api/obj/Release/Cyberarms.IntrusionDetection.Api.csproj.FileListAbsolute.txt
@@ -0,0 +1,12 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\bin\Release\Cyberarms.IntrusionDetection.Api.xml
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\obj\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\obj\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\bin\Release\mscorlib.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\bin\Release\normidna.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\bin\Release\normnfc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\bin\Release\normnfd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\bin\Release\normnfkc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\bin\Release\normnfkd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\obj\Release\Cyberarms.IntrusionDetection.Api.csprojResolveAssemblyReference.cache
diff --git a/Cyberarms.IntrusionDetection.Api/obj/Release/Cyberarms.IntrusionDetection.Api.csprojResolveAssemblyReference.cache b/Cyberarms.IntrusionDetection.Api/obj/Release/Cyberarms.IntrusionDetection.Api.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..de7dbe5
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/obj/Release/Cyberarms.IntrusionDetection.Api.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.IntrusionDetection.Api/obj/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.IntrusionDetection.Api/obj/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..f55bc90
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/obj/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.IntrusionDetection.Api/obj/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.IntrusionDetection.Api/obj/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..23381a9
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/obj/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Api/obj/x86/Release/Cyberarms.IntrusionDetection.Api.csproj.FileListAbsolute.txt b/Cyberarms.IntrusionDetection.Api/obj/x86/Release/Cyberarms.IntrusionDetection.Api.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..8c6c58f
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Api/obj/x86/Release/Cyberarms.IntrusionDetection.Api.csproj.FileListAbsolute.txt
@@ -0,0 +1,5 @@
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\bin\x86\Release\Cyberarms.IntrusionDetection.Api.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\bin\x86\Release\Cyberarms.IntrusionDetection.Api.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\obj\x86\Release\Cyberarms.IntrusionDetection.Api.csprojResolveAssemblyReference.cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\obj\x86\Release\Cyberarms.IntrusionDetection.Api.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Api\obj\x86\Release\Cyberarms.IntrusionDetection.Api.pdb
diff --git a/Cyberarms.IntrusionDetection.Api/obj/x86/Release/Cyberarms.IntrusionDetection.Api.csprojResolveAssemblyReference.cache b/Cyberarms.IntrusionDetection.Api/obj/x86/Release/Cyberarms.IntrusionDetection.Api.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..a315794
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/obj/x86/Release/Cyberarms.IntrusionDetection.Api.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.IntrusionDetection.Api/obj/x86/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.IntrusionDetection.Api/obj/x86/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..619b90c
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/obj/x86/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.IntrusionDetection.Api/obj/x86/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.IntrusionDetection.Api/obj/x86/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..9c0630b
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Api/obj/x86/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Base/Cyberarms.IntrusionDetection.Base.Plugins.csproj b/Cyberarms.IntrusionDetection.Base/Cyberarms.IntrusionDetection.Base.Plugins.csproj
index ce8ad57..39dc2c0 100644
--- a/Cyberarms.IntrusionDetection.Base/Cyberarms.IntrusionDetection.Base.Plugins.csproj
+++ b/Cyberarms.IntrusionDetection.Base/Cyberarms.IntrusionDetection.Base.Plugins.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.IntrusionDetection.Base.Plugins</RootNamespace>
     <AssemblyName>Cyberarms.IntrusionDetection.Base.Plugins</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
     <SccLocalPath>SAK</SccLocalPath>
@@ -174,4 +174,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.IntrusionDetection.Base/bin/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.IntrusionDetection.Base/bin/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..1647cea
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/bin/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.IntrusionDetection.Base/bin/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.IntrusionDetection.Base/bin/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..0b7344f
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/bin/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Base/bin/Release/Cyberarms.IntrusionDetection.Api.xml b/Cyberarms.IntrusionDetection.Base/bin/Release/Cyberarms.IntrusionDetection.Api.xml
new file mode 100644
index 0000000..b345d21
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Base/bin/Release/Cyberarms.IntrusionDetection.Api.xml
@@ -0,0 +1,460 @@
+<?xml version="1.0"?>
+<doc>
+    <assembly>
+        <name>Cyberarms.IntrusionDetection.Api</name>
+    </assembly>
+    <members>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase">
+            <summary>
+            This class can be used as base class for custom configuration.
+            Using this base class,Intrusion Detectionautomatically loads and saves configuration values needed by your plugin.
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration">
+            <summary>
+            This interface provídes any property needed forIntrusion Detectionto load and save configuration values for your agent plugin.
+            It is used byIntrusion Detectioninternally, as agent developer, you don't have to care about this interface
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.GetConfigurationType">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.GetConfigurationType">
+            <summary>
+            Returns the type of custom configuration
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings. This must be marked with the System.Xml.Serialization.XmlIgnore() attribute,
+            and the property must ensure to return the right configuration for the plugin.
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.PluginConfigurationXml">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.FileName">
+            <summary>
+            The filename of an agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin">
+            <summary>
+            Base class for agents
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin">
+            <summary>
+            Interface for agents, must be implemented to create aIntrusion Detectionagent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.#ctor">
+            <summary>
+            Initialize the agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnAttackDetected(System.Object,Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+            <summary>
+            Is used to invoke all event listener delegates
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Notification arguments</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStartAgent">
+            <summary>
+            Override this method to do anything required to start your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnPauseAgent">
+            <summary>
+            Override this method to do anything required to pause your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStopAgent">
+            <summary>
+            Override this method to stop your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnContinueAgent">
+            <summary>
+            Override this method to continue your agent from the paused state
+            </summary>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>                
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener">
+            <summary>
+            NotificationReceiver
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener.NotificationReceiver(Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+             <summary>
+            Intrusion Detectioncalls the NotificationReceiver to forward notification event data 
+             </summary>
+             <param name="args"></param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.Names">
+            <summary>
+            Internal class needed for naming
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.Names.pluginTypeNames">
+            <summary>
+            Returns display names 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute">
+            <summary>
+            Custom attribute for plugins to specify displayname and description. 
+            TheIntrusion Detectionadministration software displays the values defined as class attribute
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+            <param name="version">Version number of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.DisplayName">
+            <summary>
+            Display name of your agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Description">
+            <summary>
+            Add a short description about what your agent does
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Version">
+            <summary>
+            Version number of your agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes">
+            <summary>
+            Plugin types
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.Agent">
+            <summary>
+            Type is agent
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.NotificationListener">
+            <summary>
+            Type is Listener
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler">
+            <summary>
+            Event handler for sending intrusion attempts to theIntrusion DetectionService
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Intrusion notification details</param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs">
+            <summary>
+            Notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs">
+            <summary>
+            Base class for notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration">
+            <summary>
+            Base class for plugin configuration settings
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration)">
+            <summary>
+            Clone from another PluginConfiguration of the same type
+            </summary>
+            <param name="source"></param>
+        </member>
+    </members>
+</doc>
diff --git a/Cyberarms.IntrusionDetection.Base/bin/Release/Cyberarms.IntrusionDetection.Base.Plugins.dll b/Cyberarms.IntrusionDetection.Base/bin/Release/Cyberarms.IntrusionDetection.Base.Plugins.dll
new file mode 100644
index 0000000..25d9094
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/bin/Release/Cyberarms.IntrusionDetection.Base.Plugins.dll differ
diff --git a/Cyberarms.IntrusionDetection.Base/bin/Release/Cyberarms.IntrusionDetection.Base.Plugins.pdb b/Cyberarms.IntrusionDetection.Base/bin/Release/Cyberarms.IntrusionDetection.Base.Plugins.pdb
new file mode 100644
index 0000000..74872e8
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/bin/Release/Cyberarms.IntrusionDetection.Base.Plugins.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Base/bin/Release/mscorlib.dll b/Cyberarms.IntrusionDetection.Base/bin/Release/mscorlib.dll
new file mode 100644
index 0000000..2e8c900
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/bin/Release/mscorlib.dll differ
diff --git a/Cyberarms.IntrusionDetection.Base/bin/Release/normidna.nlp b/Cyberarms.IntrusionDetection.Base/bin/Release/normidna.nlp
new file mode 100644
index 0000000..5a69df1
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/bin/Release/normidna.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Base/bin/Release/normnfc.nlp b/Cyberarms.IntrusionDetection.Base/bin/Release/normnfc.nlp
new file mode 100644
index 0000000..f198144
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/bin/Release/normnfc.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Base/bin/Release/normnfd.nlp b/Cyberarms.IntrusionDetection.Base/bin/Release/normnfd.nlp
new file mode 100644
index 0000000..16e88e1
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/bin/Release/normnfd.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Base/bin/Release/normnfkc.nlp b/Cyberarms.IntrusionDetection.Base/bin/Release/normnfkc.nlp
new file mode 100644
index 0000000..55406db
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/bin/Release/normnfkc.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Base/bin/Release/normnfkd.nlp b/Cyberarms.IntrusionDetection.Base/bin/Release/normnfkd.nlp
new file mode 100644
index 0000000..b7386c4
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/bin/Release/normnfkd.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Base/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.IntrusionDetection.Base/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..6b529ec
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.IntrusionDetection.Base/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.IntrusionDetection.Base/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..749164b
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Base/bin/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.dll b/Cyberarms.IntrusionDetection.Base/bin/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.dll
new file mode 100644
index 0000000..b3531ee
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/bin/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.dll differ
diff --git a/Cyberarms.IntrusionDetection.Base/bin/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.pdb b/Cyberarms.IntrusionDetection.Base/bin/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.pdb
new file mode 100644
index 0000000..6c16006
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/bin/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Base/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.IntrusionDetection.Base/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Base/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.IntrusionDetection.Base/obj/Release/Cyberarms.IntrusionDetection.Base.Plugins.Resources.resources b/Cyberarms.IntrusionDetection.Base/obj/Release/Cyberarms.IntrusionDetection.Base.Plugins.Resources.resources
new file mode 100644
index 0000000..3d60716
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/obj/Release/Cyberarms.IntrusionDetection.Base.Plugins.Resources.resources differ
diff --git a/Cyberarms.IntrusionDetection.Base/obj/Release/Cyberarms.IntrusionDetection.Base.Plugins.csproj.FileListAbsolute.txt b/Cyberarms.IntrusionDetection.Base/obj/Release/Cyberarms.IntrusionDetection.Base.Plugins.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..8c4b2eb
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Base/obj/Release/Cyberarms.IntrusionDetection.Base.Plugins.csproj.FileListAbsolute.txt
@@ -0,0 +1,15 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\bin\Release\Cyberarms.IntrusionDetection.Base.Plugins.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\bin\Release\Cyberarms.IntrusionDetection.Base.Plugins.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\bin\Release\Cyberarms.IntrusionDetection.Api.xml
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\obj\Release\Cyberarms.IntrusionDetection.Base.Plugins.Resources.resources
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\obj\Release\Cyberarms.IntrusionDetection.Base.Plugins.csproj.GenerateResource.Cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\obj\Release\Cyberarms.IntrusionDetection.Base.Plugins.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\obj\Release\Cyberarms.IntrusionDetection.Base.Plugins.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\bin\Release\mscorlib.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\bin\Release\normidna.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\bin\Release\normnfc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\bin\Release\normnfd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\bin\Release\normnfkc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\bin\Release\normnfkd.nlp
diff --git a/Cyberarms.IntrusionDetection.Base/obj/Release/Cyberarms.IntrusionDetection.Base.Plugins.csproj.GenerateResource.Cache b/Cyberarms.IntrusionDetection.Base/obj/Release/Cyberarms.IntrusionDetection.Base.Plugins.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..300c555
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/obj/Release/Cyberarms.IntrusionDetection.Base.Plugins.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.IntrusionDetection.Base/obj/Release/Cyberarms.IntrusionDetection.Base.Plugins.dll b/Cyberarms.IntrusionDetection.Base/obj/Release/Cyberarms.IntrusionDetection.Base.Plugins.dll
new file mode 100644
index 0000000..25d9094
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/obj/Release/Cyberarms.IntrusionDetection.Base.Plugins.dll differ
diff --git a/Cyberarms.IntrusionDetection.Base/obj/Release/Cyberarms.IntrusionDetection.Base.Plugins.pdb b/Cyberarms.IntrusionDetection.Base/obj/Release/Cyberarms.IntrusionDetection.Base.Plugins.pdb
new file mode 100644
index 0000000..74872e8
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/obj/Release/Cyberarms.IntrusionDetection.Base.Plugins.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.Resources.resources b/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.Resources.resources
new file mode 100644
index 0000000..3d60716
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.Resources.resources differ
diff --git a/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.csproj.FileListAbsolute.txt b/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..aa7ef13
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.csproj.FileListAbsolute.txt
@@ -0,0 +1,9 @@
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\bin\x86\Release\Cyberarms.IntrusionDetection.Base.Plugins.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\bin\x86\Release\Cyberarms.IntrusionDetection.Base.Plugins.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\bin\x86\Release\Cyberarms.IntrusionDetection.Api.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\bin\x86\Release\Cyberarms.IntrusionDetection.Api.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\obj\x86\Release\Cyberarms.IntrusionDetection.Base.Plugins.Resources.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\obj\x86\Release\Cyberarms.IntrusionDetection.Base.Plugins.csproj.GenerateResource.Cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\obj\x86\Release\Cyberarms.IntrusionDetection.Base.Plugins.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\obj\x86\Release\Cyberarms.IntrusionDetection.Base.Plugins.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Base\obj\x86\Release\Cyberarms.IntrusionDetection.Base.Plugins.csprojResolveAssemblyReference.cache
diff --git a/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.csproj.GenerateResource.Cache b/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..300c555
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.csprojResolveAssemblyReference.cache b/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..708e570
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.dll b/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.dll
new file mode 100644
index 0000000..b3531ee
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.dll differ
diff --git a/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.pdb b/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.pdb
new file mode 100644
index 0000000..6c16006
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Base/obj/x86/Release/Cyberarms.IntrusionDetection.Base.Plugins.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Cmd.Test/CyberarmsIntrusionDetection.Cmd.Test.csproj b/Cyberarms.IntrusionDetection.Cmd.Test/CyberarmsIntrusionDetection.Cmd.Test.csproj
index 3578e9d..4c6a666 100644
--- a/Cyberarms.IntrusionDetection.Cmd.Test/CyberarmsIntrusionDetection.Cmd.Test.csproj
+++ b/Cyberarms.IntrusionDetection.Cmd.Test/CyberarmsIntrusionDetection.Cmd.Test.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -11,7 +11,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>CyberarmsPaladinCmd.Test</RootNamespace>
     <AssemblyName>CyberarmsPaladinCmd.Test</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <ProjectTypeGuids>{3AC096D0-A1C2-E12C-1390-A8335801FDAB};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}</ProjectTypeGuids>
     <SccProjectName>SAK</SccProjectName>
@@ -108,4 +108,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.IntrusionDetection.Cmd.Test/obj/Release/CyberarmsIntrusionDetection.Cmd.Test.csproj.FileListAbsolute.txt b/Cyberarms.IntrusionDetection.Cmd.Test/obj/Release/CyberarmsIntrusionDetection.Cmd.Test.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..d0d9e37
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Cmd.Test/obj/Release/CyberarmsIntrusionDetection.Cmd.Test.csproj.FileListAbsolute.txt
@@ -0,0 +1 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd.Test\obj\Release\CyberarmsIntrusionDetection.Cmd.Test.csprojResolveAssemblyReference.cache
diff --git a/Cyberarms.IntrusionDetection.Cmd.Test/obj/Release/CyberarmsIntrusionDetection.Cmd.Test.csprojResolveAssemblyReference.cache b/Cyberarms.IntrusionDetection.Cmd.Test/obj/Release/CyberarmsIntrusionDetection.Cmd.Test.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..a3b843a
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd.Test/obj/Release/CyberarmsIntrusionDetection.Cmd.Test.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/Cyberarms.IntrusionDetection.Cmd.csproj b/Cyberarms.IntrusionDetection.Cmd/Cyberarms.IntrusionDetection.Cmd.csproj
index c86cef5..ca3ae99 100644
--- a/Cyberarms.IntrusionDetection.Cmd/Cyberarms.IntrusionDetection.Cmd.csproj
+++ b/Cyberarms.IntrusionDetection.Cmd/Cyberarms.IntrusionDetection.Cmd.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.IntrusionDetection.Cmd</RootNamespace>
     <AssemblyName>CyberarmsIdsCmd</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <TargetFrameworkProfile>
     </TargetFrameworkProfile>
     <FileAlignment>512</FileAlignment>
@@ -160,26 +160,7 @@
       <DependentUpon>Settings.settings</DependentUpon>
     </Compile>
   </ItemGroup>
-  <ItemGroup>
-    <COMReference Include="NATUPNPLib">
-      <Guid>{1C565858-F302-471E-B409-F180AA4ABEC6}</Guid>
-      <VersionMajor>1</VersionMajor>
-      <VersionMinor>0</VersionMinor>
-      <Lcid>0</Lcid>
-      <WrapperTool>tlbimp</WrapperTool>
-      <Isolated>False</Isolated>
-      <EmbedInteropTypes>True</EmbedInteropTypes>
-    </COMReference>
-    <COMReference Include="NETCONLib">
-      <Guid>{43E734CA-043D-4A70-9A2C-A8F254063D91}</Guid>
-      <VersionMajor>1</VersionMajor>
-      <VersionMinor>0</VersionMinor>
-      <Lcid>0</Lcid>
-      <WrapperTool>tlbimp</WrapperTool>
-      <Isolated>False</Isolated>
-      <EmbedInteropTypes>True</EmbedInteropTypes>
-    </COMReference>
-  </ItemGroup>
+
   <ItemGroup>
     <None Include="app.config" />
     <None Include="Properties\Settings.settings">
@@ -244,4 +225,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.IntrusionDetection.Cmd/app.config b/Cyberarms.IntrusionDetection.Cmd/app.config
index e365603..a1195e1 100644
--- a/Cyberarms.IntrusionDetection.Cmd/app.config
+++ b/Cyberarms.IntrusionDetection.Cmd/app.config
@@ -1,3 +1,14 @@
 <?xml version="1.0"?>
 <configuration>
-<startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/></startup></configuration>
+  <startup>
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
+  </startup>
+  <runtime>
+    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+      <dependentAssembly>
+        <assemblyIdentity name="System.Data.SQLite" publicKeyToken="db937bc2d44ff139" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="1.0.112.1" />
+      </dependentAssembly>
+    </assemblyBinding>
+  </runtime>
+</configuration>
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.IntrusionDetection.Cmd/bin/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..6b529ec
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/bin/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.IntrusionDetection.Cmd/bin/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..749164b
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/bin/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/Cyberarms.IntrusionDetection.Api.xml b/Cyberarms.IntrusionDetection.Cmd/bin/Release/Cyberarms.IntrusionDetection.Api.xml
new file mode 100644
index 0000000..b345d21
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Cmd/bin/Release/Cyberarms.IntrusionDetection.Api.xml
@@ -0,0 +1,460 @@
+<?xml version="1.0"?>
+<doc>
+    <assembly>
+        <name>Cyberarms.IntrusionDetection.Api</name>
+    </assembly>
+    <members>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase">
+            <summary>
+            This class can be used as base class for custom configuration.
+            Using this base class,Intrusion Detectionautomatically loads and saves configuration values needed by your plugin.
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration">
+            <summary>
+            This interface provídes any property needed forIntrusion Detectionto load and save configuration values for your agent plugin.
+            It is used byIntrusion Detectioninternally, as agent developer, you don't have to care about this interface
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.GetConfigurationType">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.GetConfigurationType">
+            <summary>
+            Returns the type of custom configuration
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings. This must be marked with the System.Xml.Serialization.XmlIgnore() attribute,
+            and the property must ensure to return the right configuration for the plugin.
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.PluginConfigurationXml">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.FileName">
+            <summary>
+            The filename of an agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin">
+            <summary>
+            Base class for agents
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin">
+            <summary>
+            Interface for agents, must be implemented to create aIntrusion Detectionagent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.#ctor">
+            <summary>
+            Initialize the agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnAttackDetected(System.Object,Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+            <summary>
+            Is used to invoke all event listener delegates
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Notification arguments</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStartAgent">
+            <summary>
+            Override this method to do anything required to start your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnPauseAgent">
+            <summary>
+            Override this method to do anything required to pause your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStopAgent">
+            <summary>
+            Override this method to stop your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnContinueAgent">
+            <summary>
+            Override this method to continue your agent from the paused state
+            </summary>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>                
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener">
+            <summary>
+            NotificationReceiver
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener.NotificationReceiver(Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+             <summary>
+            Intrusion Detectioncalls the NotificationReceiver to forward notification event data 
+             </summary>
+             <param name="args"></param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.Names">
+            <summary>
+            Internal class needed for naming
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.Names.pluginTypeNames">
+            <summary>
+            Returns display names 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute">
+            <summary>
+            Custom attribute for plugins to specify displayname and description. 
+            TheIntrusion Detectionadministration software displays the values defined as class attribute
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+            <param name="version">Version number of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.DisplayName">
+            <summary>
+            Display name of your agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Description">
+            <summary>
+            Add a short description about what your agent does
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Version">
+            <summary>
+            Version number of your agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes">
+            <summary>
+            Plugin types
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.Agent">
+            <summary>
+            Type is agent
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.NotificationListener">
+            <summary>
+            Type is Listener
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler">
+            <summary>
+            Event handler for sending intrusion attempts to theIntrusion DetectionService
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Intrusion notification details</param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs">
+            <summary>
+            Notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs">
+            <summary>
+            Base class for notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration">
+            <summary>
+            Base class for plugin configuration settings
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration)">
+            <summary>
+            Clone from another PluginConfiguration of the same type
+            </summary>
+            <param name="source"></param>
+        </member>
+    </members>
+</doc>
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/Cyberarms.IntrusionDetection.Base.Plugins.dll b/Cyberarms.IntrusionDetection.Cmd/bin/Release/Cyberarms.IntrusionDetection.Base.Plugins.dll
new file mode 100644
index 0000000..b3531ee
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/bin/Release/Cyberarms.IntrusionDetection.Base.Plugins.dll differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/Cyberarms.IntrusionDetection.Base.Plugins.pdb b/Cyberarms.IntrusionDetection.Cmd/bin/Release/Cyberarms.IntrusionDetection.Base.Plugins.pdb
new file mode 100644
index 0000000..6c16006
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/bin/Release/Cyberarms.IntrusionDetection.Base.Plugins.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/CyberarmsIdsCmd.exe b/Cyberarms.IntrusionDetection.Cmd/bin/Release/CyberarmsIdsCmd.exe
new file mode 100644
index 0000000..04e1fdb
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/bin/Release/CyberarmsIdsCmd.exe differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/CyberarmsIdsCmd.exe.config b/Cyberarms.IntrusionDetection.Cmd/bin/Release/CyberarmsIdsCmd.exe.config
new file mode 100644
index 0000000..a1195e1
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Cmd/bin/Release/CyberarmsIdsCmd.exe.config
@@ -0,0 +1,14 @@
+<?xml version="1.0"?>
+<configuration>
+  <startup>
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
+  </startup>
+  <runtime>
+    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+      <dependentAssembly>
+        <assemblyIdentity name="System.Data.SQLite" publicKeyToken="db937bc2d44ff139" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="1.0.112.1" />
+      </dependentAssembly>
+    </assemblyBinding>
+  </runtime>
+</configuration>
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/CyberarmsIdsCmd.pdb b/Cyberarms.IntrusionDetection.Cmd/bin/Release/CyberarmsIdsCmd.pdb
new file mode 100644
index 0000000..b7b24c9
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/bin/Release/CyberarmsIdsCmd.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/DemoAgent.dll b/Cyberarms.IntrusionDetection.Cmd/bin/Release/DemoAgent.dll
new file mode 100644
index 0000000..d65583e
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/bin/Release/DemoAgent.dll differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/DemoAgent.pdb b/Cyberarms.IntrusionDetection.Cmd/bin/Release/DemoAgent.pdb
new file mode 100644
index 0000000..2f632a7
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/bin/Release/DemoAgent.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/mscorlib.dll b/Cyberarms.IntrusionDetection.Cmd/bin/Release/mscorlib.dll
new file mode 100644
index 0000000..2e8c900
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/bin/Release/mscorlib.dll differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/normidna.nlp b/Cyberarms.IntrusionDetection.Cmd/bin/Release/normidna.nlp
new file mode 100644
index 0000000..5a69df1
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/bin/Release/normidna.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/normnfc.nlp b/Cyberarms.IntrusionDetection.Cmd/bin/Release/normnfc.nlp
new file mode 100644
index 0000000..f198144
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/bin/Release/normnfc.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/normnfd.nlp b/Cyberarms.IntrusionDetection.Cmd/bin/Release/normnfd.nlp
new file mode 100644
index 0000000..16e88e1
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/bin/Release/normnfd.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/normnfkc.nlp b/Cyberarms.IntrusionDetection.Cmd/bin/Release/normnfkc.nlp
new file mode 100644
index 0000000..55406db
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/bin/Release/normnfkc.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/bin/Release/normnfkd.nlp b/Cyberarms.IntrusionDetection.Cmd/bin/Release/normnfkd.nlp
new file mode 100644
index 0000000..b7386c4
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/bin/Release/normnfkd.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/obj/Release/Cyberarms.IntrusionDetection.Cmd.csproj.FileListAbsolute.txt b/Cyberarms.IntrusionDetection.Cmd/obj/Release/Cyberarms.IntrusionDetection.Cmd.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..e7ea7fb
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Cmd/obj/Release/Cyberarms.IntrusionDetection.Cmd.csproj.FileListAbsolute.txt
@@ -0,0 +1,19 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\obj\Release\Cyberarms.IntrusionDetection.Cmd.csprojResolveAssemblyReference.cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\CyberarmsIdsCmd.exe.config
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\CyberarmsIdsCmd.exe
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\CyberarmsIdsCmd.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\Cyberarms.IntrusionDetection.Base.Plugins.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\DemoAgent.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\mscorlib.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\Cyberarms.IntrusionDetection.Api.xml
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\Cyberarms.IntrusionDetection.Base.Plugins.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\DemoAgent.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\normidna.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\normnfc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\normnfd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\normnfkc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\normnfkd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\obj\Release\CyberarmsIdsCmd.exe
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\obj\Release\CyberarmsIdsCmd.pdb
diff --git a/Cyberarms.IntrusionDetection.Cmd/obj/Release/Cyberarms.IntrusionDetection.Cmd.csprojResolveAssemblyReference.cache b/Cyberarms.IntrusionDetection.Cmd/obj/Release/Cyberarms.IntrusionDetection.Cmd.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..7ef0b11
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/obj/Release/Cyberarms.IntrusionDetection.Cmd.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/obj/Release/CyberarmsIdsCmd.exe b/Cyberarms.IntrusionDetection.Cmd/obj/Release/CyberarmsIdsCmd.exe
new file mode 100644
index 0000000..acf7d76
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/obj/Release/CyberarmsIdsCmd.exe differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/obj/Release/CyberarmsIdsCmd.pdb b/Cyberarms.IntrusionDetection.Cmd/obj/Release/CyberarmsIdsCmd.pdb
new file mode 100644
index 0000000..ea34c18
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/obj/Release/CyberarmsIdsCmd.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/obj/x86/Release/Cyberarms.IntrusionDetection.Cmd.csproj.FileListAbsolute.txt b/Cyberarms.IntrusionDetection.Cmd/obj/x86/Release/Cyberarms.IntrusionDetection.Cmd.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..f34d757
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Cmd/obj/x86/Release/Cyberarms.IntrusionDetection.Cmd.csproj.FileListAbsolute.txt
@@ -0,0 +1,12 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\obj\x86\Release\Cyberarms.IntrusionDetection.Cmd.csprojResolveAssemblyReference.cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\CyberarmsIdsCmd.exe.config
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\CyberarmsIdsCmd.exe
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\CyberarmsIdsCmd.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\Cyberarms.IntrusionDetection.Base.Plugins.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\DemoAgent.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\Cyberarms.IntrusionDetection.Base.Plugins.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\bin\Release\DemoAgent.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\obj\x86\Release\CyberarmsIdsCmd.exe
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Cmd\obj\x86\Release\CyberarmsIdsCmd.pdb
diff --git a/Cyberarms.IntrusionDetection.Cmd/obj/x86/Release/Cyberarms.IntrusionDetection.Cmd.csprojResolveAssemblyReference.cache b/Cyberarms.IntrusionDetection.Cmd/obj/x86/Release/Cyberarms.IntrusionDetection.Cmd.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..86ada6f
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/obj/x86/Release/Cyberarms.IntrusionDetection.Cmd.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/obj/x86/Release/CyberarmsIdsCmd.exe b/Cyberarms.IntrusionDetection.Cmd/obj/x86/Release/CyberarmsIdsCmd.exe
new file mode 100644
index 0000000..04e1fdb
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/obj/x86/Release/CyberarmsIdsCmd.exe differ
diff --git a/Cyberarms.IntrusionDetection.Cmd/obj/x86/Release/CyberarmsIdsCmd.pdb b/Cyberarms.IntrusionDetection.Cmd/obj/x86/Release/CyberarmsIdsCmd.pdb
new file mode 100644
index 0000000..b7b24c9
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Cmd/obj/x86/Release/CyberarmsIdsCmd.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Service.Test/Cyberarms.IntrusionDetection.Service.Test.csproj b/Cyberarms.IntrusionDetection.Service.Test/Cyberarms.IntrusionDetection.Service.Test.csproj
index 52bed2e..4d685eb 100644
--- a/Cyberarms.IntrusionDetection.Service.Test/Cyberarms.IntrusionDetection.Service.Test.csproj
+++ b/Cyberarms.IntrusionDetection.Service.Test/Cyberarms.IntrusionDetection.Service.Test.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -11,7 +11,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>IdsServiceForWindowsTest</RootNamespace>
     <AssemblyName>IdsServiceForWindowsTest</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <ProjectTypeGuids>{3AC096D0-A1C2-E12C-1390-A8335801FDAB};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}</ProjectTypeGuids>
     <SccProjectName>SAK</SccProjectName>
@@ -167,4 +167,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.IntrusionDetection.Service.Test/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.IntrusionDetection.Service.Test/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Service.Test/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.IntrusionDetection.Service.Test/obj/Release/Cyberarms.IntrusionDetection.Service.Test.csproj.FileListAbsolute.txt b/Cyberarms.IntrusionDetection.Service.Test/obj/Release/Cyberarms.IntrusionDetection.Service.Test.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..3fc8bb1
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Service.Test/obj/Release/Cyberarms.IntrusionDetection.Service.Test.csproj.FileListAbsolute.txt
@@ -0,0 +1,3 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service.Test\obj\Release\Cyberarms.IntrusionDetection.Service.Test.csprojResolveAssemblyReference.cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service.Test\obj\Release\Cyberarms.IntrusionDetection.Service.Test.csproj.AssemblyReference.cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service.Test\obj\Release\Cyberarms.IntrusionDetection.Service.Test.csproj.CoreCompileInputs.cache
diff --git a/Cyberarms.IntrusionDetection.Service.Test/obj/Release/Cyberarms.IntrusionDetection.Service.Test.csprojResolveAssemblyReference.cache b/Cyberarms.IntrusionDetection.Service.Test/obj/Release/Cyberarms.IntrusionDetection.Service.Test.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..a02da74
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service.Test/obj/Release/Cyberarms.IntrusionDetection.Service.Test.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.IntrusionDetection.Service.Test/obj/x86/Release/Cyberarms.IntrusionDetection.Service.Test.csproj.FileListAbsolute.txt b/Cyberarms.IntrusionDetection.Service.Test/obj/x86/Release/Cyberarms.IntrusionDetection.Service.Test.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..2b6d1d4
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Service.Test/obj/x86/Release/Cyberarms.IntrusionDetection.Service.Test.csproj.FileListAbsolute.txt
@@ -0,0 +1 @@
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service.Test\obj\x86\Release\Cyberarms.IntrusionDetection.Service.Test.csprojResolveAssemblyReference.cache
diff --git a/Cyberarms.IntrusionDetection.Service.Test/obj/x86/Release/Cyberarms.IntrusionDetection.Service.Test.csprojResolveAssemblyReference.cache b/Cyberarms.IntrusionDetection.Service.Test/obj/x86/Release/Cyberarms.IntrusionDetection.Service.Test.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..87e328c
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service.Test/obj/x86/Release/Cyberarms.IntrusionDetection.Service.Test.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.IntrusionDetection.Service/Cyberarms.IntrusionDetection.Service.csproj b/Cyberarms.IntrusionDetection.Service/Cyberarms.IntrusionDetection.Service.csproj
index ffa9c6b..fc09e38 100644
--- a/Cyberarms.IntrusionDetection.Service/Cyberarms.IntrusionDetection.Service.csproj
+++ b/Cyberarms.IntrusionDetection.Service/Cyberarms.IntrusionDetection.Service.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.IntrusionDetection</RootNamespace>
     <AssemblyName>CyberarmsIdsService</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <TargetFrameworkProfile>
     </TargetFrameworkProfile>
     <FileAlignment>512</FileAlignment>
@@ -178,35 +178,7 @@
       <DependentUpon>ProjectInstaller.cs</DependentUpon>
     </EmbeddedResource>
   </ItemGroup>
-  <ItemGroup>
-    <COMReference Include="NATUPNPLib">
-      <Guid>{1C565858-F302-471E-B409-F180AA4ABEC6}</Guid>
-      <VersionMajor>1</VersionMajor>
-      <VersionMinor>0</VersionMinor>
-      <Lcid>0</Lcid>
-      <WrapperTool>tlbimp</WrapperTool>
-      <Isolated>False</Isolated>
-      <EmbedInteropTypes>True</EmbedInteropTypes>
-    </COMReference>
-    <COMReference Include="NETCONLib">
-      <Guid>{43E734CA-043D-4A70-9A2C-A8F254063D91}</Guid>
-      <VersionMajor>1</VersionMajor>
-      <VersionMinor>0</VersionMinor>
-      <Lcid>0</Lcid>
-      <WrapperTool>tlbimp</WrapperTool>
-      <Isolated>False</Isolated>
-      <EmbedInteropTypes>True</EmbedInteropTypes>
-    </COMReference>
-    <COMReference Include="NetFwTypeLib">
-      <Guid>{58FBCF7C-E7A9-467C-80B3-FC65E8FCCA08}</Guid>
-      <VersionMajor>1</VersionMajor>
-      <VersionMinor>0</VersionMinor>
-      <Lcid>0</Lcid>
-      <WrapperTool>tlbimp</WrapperTool>
-      <Isolated>False</Isolated>
-      <EmbedInteropTypes>True</EmbedInteropTypes>
-    </COMReference>
-  </ItemGroup>
+
   <ItemGroup>
     <None Include="app.config">
       <SubType>Designer</SubType>
@@ -267,4 +239,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.IntrusionDetection.Service/FirewallManager.cs b/Cyberarms.IntrusionDetection.Service/FirewallManager.cs
index 4370442..25691e4 100644
--- a/Cyberarms.IntrusionDetection.Service/FirewallManager.cs
+++ b/Cyberarms.IntrusionDetection.Service/FirewallManager.cs
@@ -1,38 +1,33 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Text;
-using NATUPNPLib;
-using NETCONLib;
-using NetFwTypeLib;
-
 
 namespace Cyberarms.IntrusionDetection {
     internal class FirewallManager {
         private static FirewallManager _instance;
-        private INetFwMgr firewallManager; 
+        private dynamic firewallManager; 
         internal static FirewallManager Instance {
             get {
                 if (_instance == null) {
                     _instance = new FirewallManager();
                 }
                 return _instance;
-
             }
         }
 
         private FirewallManager() {
-            firewallManager = (INetFwMgr)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwMgr"));
+            Type t = Type.GetTypeFromProgID("HNetCfg.FwMgr");
+            firewallManager = Activator.CreateInstance(t);
         }
 
         internal void AddPort(string strName,
                                    int Port,
-                                   NetFwTypeLib.NET_FW_SCOPE_ Scope,
-                                   NetFwTypeLib.NET_FW_IP_PROTOCOL_ Protocol, 
+                                   int Scope,
+                                   int Protocol, 
                                    string remoteAddresses) {
-            INetFwOpenPort fireWallPort =
-                          (INetFwOpenPort)Activator.CreateInstance(
-                               Type.GetTypeFromProgID("HNetCfg.FWOpenPort"));
+            Type t = Type.GetTypeFromProgID("HNetCfg.FWOpenPort");
+            dynamic fireWallPort = Activator.CreateInstance(t);
             fireWallPort.RemoteAddresses = remoteAddresses;
             fireWallPort.Enabled = true;
             fireWallPort.Name = strName;
@@ -43,43 +38,37 @@ internal void AddPort(string strName,
                                        .GloballyOpenPorts.Add(fireWallPort);
         }
 
-        
-
         internal void RemovePort(int Port,
-                                      NetFwTypeLib.NET_FW_IP_PROTOCOL_ Protocol) {
+                                      int Protocol) {
             firewallManager.LocalPolicy.CurrentProfile
                .GloballyOpenPorts.Remove(Port, Protocol);
         }
 
         internal void AddAuthorizedApplication(string strName,
                                                 string processImageFileName,
-                                                NetFwTypeLib.NET_FW_SCOPE_ Scope) {
-            INetFwAuthorizedApplication authorizedApplication
-                  = (INetFwAuthorizedApplication)Activator
-                          .CreateInstance(Type.GetTypeFromProgID(
-                                    "HNetCfg.FwAuthorizedApplication"));
+                                                int Scope) {
+            Type t = Type.GetTypeFromProgID("HNetCfg.FwAuthorizedApplication");
+            dynamic authorizedApplication = Activator.CreateInstance(t);
             authorizedApplication.Name = strName;
             authorizedApplication.Scope = Scope;
             authorizedApplication.Enabled = true;
             authorizedApplication.ProcessImageFileName = processImageFileName;
             firewallManager.LocalPolicy.CurrentProfile
-                           .AuthorizedApplications.Add(authorizedApplication);
+                            .AuthorizedApplications.Add(authorizedApplication);
         }
 
         internal void RemoveAuthorizedApplication(string processFileName) {
             firewallManager.LocalPolicy.CurrentProfile
-                           .AuthorizedApplications.Remove(processFileName);
+                            .AuthorizedApplications.Remove(processFileName);
         }
 
-        internal INetFwOpenPort ReadPort(string name) {
-            INetFwOpenPorts ports = firewallManager.LocalPolicy.CurrentProfile.GloballyOpenPorts;
-            foreach (INetFwOpenPort port in ports) {
+        internal dynamic ReadPort(string name) {
+            dynamic ports = firewallManager.LocalPolicy.CurrentProfile.GloballyOpenPorts;
+            foreach (dynamic port in ports) {
                 System.Diagnostics.Debug.Print(port.Name);
                 if (port.Name == name) return port;
             }
             return null;
-
         }
-
     }
 }
diff --git a/Cyberarms.IntrusionDetection.Service/FirewallPolicyManager.cs b/Cyberarms.IntrusionDetection.Service/FirewallPolicyManager.cs
index ce1da93..3324907 100644
--- a/Cyberarms.IntrusionDetection.Service/FirewallPolicyManager.cs
+++ b/Cyberarms.IntrusionDetection.Service/FirewallPolicyManager.cs
@@ -1,16 +1,14 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Text;
-using NATUPNPLib;
-using NETCONLib;
-using NetFwTypeLib;
+using System.Runtime.InteropServices;
+using System.Net;
+using System.Net.NetworkInformation;
 using Cyberarms.IntrusionDetection.Shared;
 
-
 namespace Cyberarms.IntrusionDetection {
     internal class FirewallPolicyManager {
-        private INetFwPolicy2 firewallPolicyManager;
         private static FirewallPolicyManager _instance;
 
         internal static FirewallPolicyManager Instance {
@@ -23,136 +21,231 @@ internal static FirewallPolicyManager Instance {
         }
 
         private FirewallPolicyManager() {
-            firewallPolicyManager = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
+        }
+
+        // P/Invoke Structures and Methods
+        [StructLayout(LayoutKind.Sequential)]
+        internal struct MIB_IPFORWARDROW {
+            public uint dwForwardDest;
+            public uint dwForwardMask;
+            public uint dwForwardPolicy;
+            public uint dwForwardNextHop;
+            public uint dwForwardIfIndex;
+            public uint dwForwardType;
+            public uint dwForwardProto;
+            public uint dwForwardAge;
+            public uint dwForwardNextHopAS;
+            public uint dwForwardMetric1;
+            public uint dwForwardMetric2;
+            public uint dwForwardMetric3;
+            public uint dwForwardMetric4;
+            public uint dwForwardMetric5;
+        }
+
+        [DllImport("iphlpapi.dll", SetLastError = true)]
+        internal static extern int CreateIpForwardEntry(ref MIB_IPFORWARDROW pRoute);
+
+        [DllImport("iphlpapi.dll", SetLastError = true)]
+        internal static extern int DeleteIpForwardEntry(ref MIB_IPFORWARDROW pRoute);
+
+        [DllImport("iphlpapi.dll", SetLastError = true)]
+        internal static extern int GetIpForwardTable(IntPtr pIpForwardTable, ref int pdwSize, bool bOrder);
+
 
+        private static uint IpToUint(string ipAddress) {
+            IPAddress ip = IPAddress.Parse(ipAddress);
+            byte[] bytes = ip.GetAddressBytes();
+            return BitConverter.ToUInt32(bytes, 0);
+        }
+
+        private static uint GetLoopbackInterfaceIndex() {
+            foreach (var ni in NetworkInterface.GetAllNetworkInterfaces()) {
+                if (ni.NetworkInterfaceType == NetworkInterfaceType.Loopback) {
+                    var ipProps = ni.GetIPProperties();
+                    var ipv4Props = ipProps.GetIPv4Properties();
+                    if (ipv4Props != null) {
+                        return (uint)ipv4Props.Index;
+                    }
+                }
+            }
+            return 1; // fallback default
         }
 
         internal void Block(string ipAddress) {
             try {
-                AddRule("BlockAttacker", 0, NetFwTypeLib.NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_ANY,
-                    NetFwTypeLib.NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN, NetFwTypeLib.NET_FW_SCOPE_.NET_FW_SCOPE_CUSTOM,
-                    NetFwTypeLib.NET_FW_ACTION_.NET_FW_ACTION_BLOCK, ipAddress);
+                IPAddress ip;
+                if (!IPAddress.TryParse(ipAddress, out ip)) {
+                    throw new ArgumentException("Invalid IP address format: " + ipAddress);
+                }
+
+                if (ip.AddressFamily == System.Net.Sockets.AddressFamily.InterNetworkV6) {
+                    System.Diagnostics.EventLog.WriteEntry("Cyberarms.IntrusionDetection", 
+                        "Cannot block IPv6 address " + ipAddress + " via IPv4 Routing. Skipping.", 
+                        System.Diagnostics.EventLogEntryType.Warning);
+                    return;
+                }
+
+                uint loopbackIndex = GetLoopbackInterfaceIndex();
+
+                MIB_IPFORWARDROW route = new MIB_IPFORWARDROW();
+                route.dwForwardDest = IpToUint(ipAddress);
+                route.dwForwardMask = 0xFFFFFFFF; // 255.255.255.255
+                route.dwForwardNextHop = 0; // 0.0.0.0 (Direct route next-hop)
+                route.dwForwardIfIndex = loopbackIndex;
+                route.dwForwardMetric1 = 99;
+                route.dwForwardProto = 3; // MIB_IPPROTO_NETMGMT
+                route.dwForwardType = 3;  // MIB_IPROUTE_TYPE_DIRECT
+                route.dwForwardAge = 0;
+                route.dwForwardPolicy = 0;
+
+                int result = CreateIpForwardEntry(ref route);
+                if (result != 0 && result != 5010) { // 5010 is OBJECT_ALREADY_EXISTS
+                    throw new Exception("CreateIpForwardEntry failed with error code: " + result);
+                }
+
+                System.Diagnostics.EventLog.WriteEntry("Cyberarms.IntrusionDetection", 
+                    "Null route created to block IP " + ipAddress + " (IfIndex: " + loopbackIndex + ").", 
+                    System.Diagnostics.EventLogEntryType.Information);
+
             } catch (Exception ex) {
-                System.Diagnostics.EventLog.WriteEntry("Create Firewall Rule",ex.Message, System.Diagnostics.EventLogEntryType.Error);
+                System.Diagnostics.EventLog.WriteEntry("Create Null Route", ex.Message, System.Diagnostics.EventLogEntryType.Error);
             }
         }
 
         internal bool IsLocked(string ipAddress) {
+            return IsRouteExists(ipAddress);
+        }
+
+        private bool IsRouteExists(string ipAddress) {
             try {
-                INetFwRule rule = GetRule(GetRuleName("BlockAttacker", 0));
-                return rule.RemoteAddresses.Contains(ipAddress);
+                uint destIp = IpToUint(ipAddress);
+                int size = 0;
+                GetIpForwardTable(IntPtr.Zero, ref size, false);
+                if (size == 0) return false;
+
+                IntPtr pTable = Marshal.AllocHGlobal(size);
+                try {
+                    int result = GetIpForwardTable(pTable, ref size, false);
+                    if (result != 0) {
+                        return false;
+                    }
+
+                    int numEntries = Marshal.ReadInt32(pTable);
+                    IntPtr pRow = new IntPtr(pTable.ToInt64() + 4);
+                    int rowSize = 56; // 14 uint fields * 4 bytes
+
+                    uint loopbackIndex = GetLoopbackInterfaceIndex();
+
+                    for (int i = 0; i < numEntries; i++) {
+                        uint dwForwardDest = (uint)Marshal.ReadInt32(pRow, 0);
+                        uint dwForwardMask = (uint)Marshal.ReadInt32(pRow, 4);
+                        uint dwForwardIfIndex = (uint)Marshal.ReadInt32(pRow, 16);
+
+                        if (dwForwardDest == destIp && dwForwardMask == 0xFFFFFFFF) {
+                            if (dwForwardIfIndex == loopbackIndex) {
+                                return true;
+                            }
+                        }
+                        pRow = new IntPtr(pRow.ToInt64() + rowSize);
+                    }
+                } finally {
+                    Marshal.FreeHGlobal(pTable);
+                }
             } catch (Exception ex) {
-                System.Diagnostics.EventLog.WriteEntry("IsLocked encountered an error: ", ex.Message, System.Diagnostics.EventLogEntryType.Error);
+                System.Diagnostics.EventLog.WriteEntry("Create Null Route", "IsRouteExists error: " + ex.Message, System.Diagnostics.EventLogEntryType.Error);
             }
             return false;
         }
 
+
         internal void RemoveIpAddressFromBlockList(string ipAddress) {
-            string ruleName = GetRuleName("BlockAttacker", 0);
-            INetFwRule rule = GetRule(ruleName);
-            if (!rule.RemoteAddresses.Contains(ipAddress)) {
-                throw new ArgumentException(String.Format(
-                    "The IP address {0} is not blocked and might has been automatically removed by schedule. Please refresh the list to view current locks.", ipAddress));
-            }
-            rule.RemoteAddresses = GetCleanedRemoteAddresses(rule.RemoteAddresses, ipAddress);
-            if (rule.RemoteAddresses == "*" || String.IsNullOrEmpty(rule.RemoteAddresses.Replace(',',' ').Trim())) {
-                rule.Enabled = false;
-            }
-        }
+            try {
+                IPAddress ip;
+                if (!IPAddress.TryParse(ipAddress, out ip)) {
+                    throw new ArgumentException("Invalid IP address format: " + ipAddress);
+                }
 
-        private string GetCleanedRemoteAddresses(string addresses, string removeAddress) {
-            StringBuilder result = new StringBuilder();
-            string[] addressList;
-            if (addresses.Contains(',')) {
-                addressList = addresses.Split(',');
-            } else {
-                addressList = new string[1];
-                addressList[0] = addresses;
-            }
-            foreach(string address in addressList) {
-                string part1 = String.Empty;
-                if (address.Contains('/')) {
-                    part1 = address.Split('/')[0];
-                } else {
-                    part1 = address;
+                if (ip.AddressFamily == System.Net.Sockets.AddressFamily.InterNetworkV6) {
+                    return; // V6 is not routed
                 }
-                if (!part1.Trim().Equals(removeAddress.Trim()) && !address.Trim().Equals(removeAddress.Trim())) {
-                    result.Append(address + ",");
+
+                uint loopbackIndex = GetLoopbackInterfaceIndex();
+
+                MIB_IPFORWARDROW route = new MIB_IPFORWARDROW();
+                route.dwForwardDest = IpToUint(ipAddress);
+                route.dwForwardMask = 0xFFFFFFFF; // 255.255.255.255
+                route.dwForwardNextHop = 0; // 0.0.0.0
+                route.dwForwardIfIndex = loopbackIndex;
+                route.dwForwardMetric1 = 99;
+                route.dwForwardProto = 3;
+                route.dwForwardType = 3;
+                route.dwForwardAge = 0;
+                route.dwForwardPolicy = 0;
+
+                int result = DeleteIpForwardEntry(ref route);
+                if (result != 0 && result != 1168) { // 1168 is ERROR_NOT_FOUND
+                    throw new Exception("DeleteIpForwardEntry failed with error code: " + result);
                 }
-            }
-            return result.ToString();
-        }
 
-        private string GetRuleName(string name, int port) {
-            return String.Format("{0}_{1}_{2}", Globals.CYBERARMS_WINDOWS_IDS_RULE_NAME, name, port == 0 ? "AllPorts" : port.ToString());
-        }
+                System.Diagnostics.EventLog.WriteEntry("Cyberarms.IntrusionDetection", 
+                    "Null route removed for IP " + ipAddress + ".", 
+                    System.Diagnostics.EventLogEntryType.Information);
 
-        internal void AddRule(string name, int port, NET_FW_IP_PROTOCOL_ protocol, NetFwTypeLib.NET_FW_RULE_DIRECTION_ direction, 
-            NetFwTypeLib.NET_FW_SCOPE_ scope, NetFwTypeLib.NET_FW_ACTION_ action, string remoteAddress) {
-            bool ruleExists = false;
-            string ipAddress;
-            string ruleName = GetRuleName(name, port);
-            INetFwRule rule = GetRule(ruleName);
-            if (rule != null) {
-                ruleExists = true;
-            } else {
-                try {
-                    rule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule", true));
-                } catch (Exception x) {
-                    throw x;
-                }
-            }
-            if(IddsConfig.IsValidIpAddress(remoteAddress)) {
-                ipAddress = remoteAddress;
-            } else {
-                throw new ArgumentOutOfRangeException("IP address must be given in IP version 4 or IP version 6 format!");
-            }
-            // ipAddress = String.Format("{0}/255.255.255.255", ipAddress);
-
-            if (!ruleExists) {
-                rule.Action = action;
-                rule.Grouping = Globals.CYBERARMS_WINDOWS_IDS_GROUP_NAME;
-                rule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
-                rule.Description = Globals.CYBERARMS_WINDOWS_IDS_GROUP_NAME + " rule";
-                rule.Direction = direction;
-                rule.Enabled = true;
-
-                if(port>0) rule.LocalPorts = port.ToString();
-                rule.Name = ruleName;
-                rule.RemoteAddresses = ipAddress;
-                //  rule.RemotePorts = "";
-                firewallPolicyManager.Rules.Add(rule);
-            } else {
-                rule.Enabled = true;
-                if (rule.RemoteAddresses.Trim().Equals("*")) {
-                    rule.RemoteAddresses = ipAddress;
-                } else {
-                    rule.RemoteAddresses = String.Format("{0},{1}", rule.RemoteAddresses, ipAddress);
-                }
+            } catch (Exception ex) {
+                System.Diagnostics.EventLog.WriteEntry("Remove Null Route", ex.Message, System.Diagnostics.EventLogEntryType.Error);
             }
         }
 
-        internal void CleanUpRules() {
-            foreach (INetFwRule rule in FindRules(Globals.CYBERARMS_WINDOWS_IDS_RULE_NAME)) {
-                //rule.RemoteAddresses = "";
-                firewallPolicyManager.Rules.Remove(rule.Name);
+        internal void ConfigureInterfaces() {
+            try {
+                System.Diagnostics.ProcessStartInfo psi = new System.Diagnostics.ProcessStartInfo();
+                psi.FileName = "powershell.exe";
+                psi.Arguments = "-NoProfile -WindowStyle Hidden -Command \"Get-NetIPInterface -AddressFamily IPv4 | Where-Object { $_.InterfaceAlias -notlike 'Loopback*' } | Set-NetIPInterface -WeakHostSend Enabled -WeakHostReceive Enabled -ErrorAction SilentlyContinue\"";
+                psi.UseShellExecute = false;
+                psi.CreateNoWindow = true;
+                using (System.Diagnostics.Process p = System.Diagnostics.Process.Start(psi)) {
+                    p.WaitForExit(5000);
+                }
+            } catch (Exception ex) {
+                System.Diagnostics.EventLog.WriteEntry("Cyberarms.IntrusionDetection", 
+                    "Failed to configure weak host settings on network interfaces: " + ex.Message, 
+                    System.Diagnostics.EventLogEntryType.Warning);
             }
         }
 
-        internal INetFwRule GetRule(string name) {
-            foreach (INetFwRule rule in firewallPolicyManager.Rules) {
-                if (rule.Name == name) return rule;
+        internal void RestoreActiveBans() {
+            try {
+                ConfigureInterfaces();
+                List<Lock> activeLocks = Locks.GetCurrentLocks();
+                if (activeLocks == null || activeLocks.Count == 0) {
+                    return;
+                }
+
+                System.Diagnostics.EventLog.WriteEntry("Cyberarms.IntrusionDetection", 
+                    "Restoring " + activeLocks.Count + " active null route bans from the database.", 
+                    System.Diagnostics.EventLogEntryType.Information);
+
+                foreach (Lock l in activeLocks) {
+                    Block(l.IpAddress);
+                }
+            } catch (Exception ex) {
+                System.Diagnostics.EventLog.WriteEntry("Restore Active Bans", ex.Message, System.Diagnostics.EventLogEntryType.Error);
             }
-            return null;
         }
 
-        internal List<INetFwRule> FindRules(string name) {
-            List<INetFwRule> rules = new List<INetFwRule>();
-            foreach (INetFwRule rule in firewallPolicyManager.Rules) {
-                if (rule.Name.StartsWith(name)) rules.Add(rule);
+
+        internal void CleanUpRules() {
+            try {
+                // Delete active null routes for all current database locks
+                List<Lock> activeLocks = Locks.GetCurrentLocks();
+                if (activeLocks != null) {
+                    foreach (Lock l in activeLocks) {
+                        RemoveIpAddressFromBlockList(l.IpAddress);
+                    }
+                }
+            } catch (Exception ex) {
+                System.Diagnostics.EventLog.WriteEntry("CleanUpRules", ex.Message, System.Diagnostics.EventLogEntryType.Error);
             }
-            return rules;
         }
-
     }
 }
diff --git a/Cyberarms.IntrusionDetection.Service/PaladinService.cs b/Cyberarms.IntrusionDetection.Service/PaladinService.cs
index f1b18e7..3571d4c 100644
--- a/Cyberarms.IntrusionDetection.Service/PaladinService.cs
+++ b/Cyberarms.IntrusionDetection.Service/PaladinService.cs
@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.ComponentModel;
 using System.Data;
@@ -341,7 +341,7 @@ void LockDownIp(Lock lockItem, LockType lockType, SecurityAgent reportingAgent)
                 WindowsLogManager.Instance.WriteEntry("Intrusion Detection Service had an error:" + ex.Message, EventLogEntryType.Error,
                       Globals.CYBERARMS_EVENT_ID_CONFIGURATION_ERROR, Globals.CYBERARMS_LOG_CATEGORY_RUNTIME);
             }
-            WindowsLogManager.Instance.WriteEntry(String.Format("{0} lock: Unsuccessful login attempts from ip address {1} exceeded threshold. Firewall rule is being created to block the address specified.",
+            WindowsLogManager.Instance.WriteEntry(String.Format("{0} lock: Unsuccessful login attempts from ip address {1} exceeded threshold. Null route is being created to block the address specified.",
                 lockType == LockType.HardLock ? "Hard" : "Soft", lockItem.IpAddress), EventLogEntryType.FailureAudit, Globals.CYBERARMS_EVENT_ID_FIREWALL_RULE_CREATED,
                         Globals.CYBERARMS_LOG_CATEGORY_SECURITY);
             // lockItem.Id = Locks.CreateLock(lockItem);
@@ -396,7 +396,7 @@ void StartService()
             try
             {
                 if (!isInitialized) Init();
-                // FirewallPolicyManager.Instance.CleanUpRules();
+                FirewallPolicyManager.Instance.RestoreActiveBans();
                 InitAgentConfiguration();
                 LoadAgents();
                 SecurityAgents.Instance.StartAgents();
diff --git a/Cyberarms.IntrusionDetection.Service/app.config b/Cyberarms.IntrusionDetection.Service/app.config
index 1271b61..ddbae24 100644
--- a/Cyberarms.IntrusionDetection.Service/app.config
+++ b/Cyberarms.IntrusionDetection.Service/app.config
@@ -6,5 +6,11 @@
   </appSettings>
   <runtime>
     <loadFromRemoteSources enabled="true"/>
+    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+      <dependentAssembly>
+        <assemblyIdentity name="System.Data.SQLite" publicKeyToken="db937bc2d44ff139" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="1.0.112.1" />
+      </dependentAssembly>
+    </assemblyBinding>
   </runtime>
 </configuration>
diff --git a/Cyberarms.IntrusionDetection.Service/bin/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.IntrusionDetection.Service/bin/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..aaff0d4
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/bin/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.IntrusionDetection.Service/bin/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.IntrusionDetection.Service/bin/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..1e9ee28
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/bin/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Service/bin/Release/Cyberarms.IntrusionDetection.Api.xml b/Cyberarms.IntrusionDetection.Service/bin/Release/Cyberarms.IntrusionDetection.Api.xml
new file mode 100644
index 0000000..b345d21
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Service/bin/Release/Cyberarms.IntrusionDetection.Api.xml
@@ -0,0 +1,460 @@
+<?xml version="1.0"?>
+<doc>
+    <assembly>
+        <name>Cyberarms.IntrusionDetection.Api</name>
+    </assembly>
+    <members>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase">
+            <summary>
+            This class can be used as base class for custom configuration.
+            Using this base class,Intrusion Detectionautomatically loads and saves configuration values needed by your plugin.
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration">
+            <summary>
+            This interface provídes any property needed forIntrusion Detectionto load and save configuration values for your agent plugin.
+            It is used byIntrusion Detectioninternally, as agent developer, you don't have to care about this interface
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.GetConfigurationType">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.GetConfigurationType">
+            <summary>
+            Returns the type of custom configuration
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings. This must be marked with the System.Xml.Serialization.XmlIgnore() attribute,
+            and the property must ensure to return the right configuration for the plugin.
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.PluginConfigurationXml">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.FileName">
+            <summary>
+            The filename of an agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin">
+            <summary>
+            Base class for agents
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin">
+            <summary>
+            Interface for agents, must be implemented to create aIntrusion Detectionagent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.#ctor">
+            <summary>
+            Initialize the agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnAttackDetected(System.Object,Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+            <summary>
+            Is used to invoke all event listener delegates
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Notification arguments</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStartAgent">
+            <summary>
+            Override this method to do anything required to start your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnPauseAgent">
+            <summary>
+            Override this method to do anything required to pause your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStopAgent">
+            <summary>
+            Override this method to stop your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnContinueAgent">
+            <summary>
+            Override this method to continue your agent from the paused state
+            </summary>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>                
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener">
+            <summary>
+            NotificationReceiver
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener.NotificationReceiver(Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+             <summary>
+            Intrusion Detectioncalls the NotificationReceiver to forward notification event data 
+             </summary>
+             <param name="args"></param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.Names">
+            <summary>
+            Internal class needed for naming
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.Names.pluginTypeNames">
+            <summary>
+            Returns display names 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute">
+            <summary>
+            Custom attribute for plugins to specify displayname and description. 
+            TheIntrusion Detectionadministration software displays the values defined as class attribute
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+            <param name="version">Version number of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.DisplayName">
+            <summary>
+            Display name of your agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Description">
+            <summary>
+            Add a short description about what your agent does
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Version">
+            <summary>
+            Version number of your agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes">
+            <summary>
+            Plugin types
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.Agent">
+            <summary>
+            Type is agent
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.NotificationListener">
+            <summary>
+            Type is Listener
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler">
+            <summary>
+            Event handler for sending intrusion attempts to theIntrusion DetectionService
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Intrusion notification details</param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs">
+            <summary>
+            Notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs">
+            <summary>
+            Base class for notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration">
+            <summary>
+            Base class for plugin configuration settings
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration)">
+            <summary>
+            Clone from another PluginConfiguration of the same type
+            </summary>
+            <param name="source"></param>
+        </member>
+    </members>
+</doc>
diff --git a/Cyberarms.IntrusionDetection.Service/bin/Release/Cyberarms.IntrusionDetection.Shared.dll b/Cyberarms.IntrusionDetection.Service/bin/Release/Cyberarms.IntrusionDetection.Shared.dll
new file mode 100644
index 0000000..ab082a8
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/bin/Release/Cyberarms.IntrusionDetection.Shared.dll differ
diff --git a/Cyberarms.IntrusionDetection.Service/bin/Release/Cyberarms.IntrusionDetection.Shared.pdb b/Cyberarms.IntrusionDetection.Service/bin/Release/Cyberarms.IntrusionDetection.Shared.pdb
new file mode 100644
index 0000000..ec39ddc
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/bin/Release/Cyberarms.IntrusionDetection.Shared.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Service/bin/Release/CyberarmsIdsService.exe b/Cyberarms.IntrusionDetection.Service/bin/Release/CyberarmsIdsService.exe
new file mode 100644
index 0000000..2b8864b
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/bin/Release/CyberarmsIdsService.exe differ
diff --git a/Cyberarms.IntrusionDetection.Service/bin/Release/CyberarmsIdsService.exe.config b/Cyberarms.IntrusionDetection.Service/bin/Release/CyberarmsIdsService.exe.config
new file mode 100644
index 0000000..ddbae24
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Service/bin/Release/CyberarmsIdsService.exe.config
@@ -0,0 +1,16 @@
+<?xml version="1.0"?>
+<configuration>
+<startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/></startup>
+  <appSettings>
+    <add key="PluginConfigurationFilename" value="plugins.sxml"/>
+  </appSettings>
+  <runtime>
+    <loadFromRemoteSources enabled="true"/>
+    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+      <dependentAssembly>
+        <assemblyIdentity name="System.Data.SQLite" publicKeyToken="db937bc2d44ff139" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="1.0.112.1" />
+      </dependentAssembly>
+    </assemblyBinding>
+  </runtime>
+</configuration>
diff --git a/Cyberarms.IntrusionDetection.Service/bin/Release/CyberarmsIdsService.pdb b/Cyberarms.IntrusionDetection.Service/bin/Release/CyberarmsIdsService.pdb
new file mode 100644
index 0000000..606cfd6
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/bin/Release/CyberarmsIdsService.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Service/bin/Release/mscorlib.dll b/Cyberarms.IntrusionDetection.Service/bin/Release/mscorlib.dll
new file mode 100644
index 0000000..2e8c900
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/bin/Release/mscorlib.dll differ
diff --git a/Cyberarms.IntrusionDetection.Service/bin/Release/normidna.nlp b/Cyberarms.IntrusionDetection.Service/bin/Release/normidna.nlp
new file mode 100644
index 0000000..5a69df1
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/bin/Release/normidna.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Service/bin/Release/normnfc.nlp b/Cyberarms.IntrusionDetection.Service/bin/Release/normnfc.nlp
new file mode 100644
index 0000000..f198144
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/bin/Release/normnfc.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Service/bin/Release/normnfd.nlp b/Cyberarms.IntrusionDetection.Service/bin/Release/normnfd.nlp
new file mode 100644
index 0000000..16e88e1
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/bin/Release/normnfd.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Service/bin/Release/normnfkc.nlp b/Cyberarms.IntrusionDetection.Service/bin/Release/normnfkc.nlp
new file mode 100644
index 0000000..55406db
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/bin/Release/normnfkc.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Service/bin/Release/normnfkd.nlp b/Cyberarms.IntrusionDetection.Service/bin/Release/normnfkd.nlp
new file mode 100644
index 0000000..b7386c4
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/bin/Release/normnfkd.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Service/obj/Release/Cyberarms.IntrusionDetection.ProjectInstaller.resources b/Cyberarms.IntrusionDetection.Service/obj/Release/Cyberarms.IntrusionDetection.ProjectInstaller.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/obj/Release/Cyberarms.IntrusionDetection.ProjectInstaller.resources differ
diff --git a/Cyberarms.IntrusionDetection.Service/obj/Release/Cyberarms.IntrusionDetection.Service.csproj.FileListAbsolute.txt b/Cyberarms.IntrusionDetection.Service/obj/Release/Cyberarms.IntrusionDetection.Service.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..d9ff557
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Service/obj/Release/Cyberarms.IntrusionDetection.Service.csproj.FileListAbsolute.txt
@@ -0,0 +1,20 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\obj\Release\Cyberarms.IntrusionDetection.Service.csprojResolveAssemblyReference.cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\CyberarmsIdsService.exe.config
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\CyberarmsIdsService.exe
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\CyberarmsIdsService.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\Cyberarms.IntrusionDetection.Shared.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\mscorlib.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\Cyberarms.IntrusionDetection.Api.xml
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\Cyberarms.IntrusionDetection.Shared.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\normidna.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\normnfc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\normnfd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\normnfkc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\normnfkd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\obj\Release\Cyberarms.IntrusionDetection.Service.resources
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\obj\Release\Cyberarms.IntrusionDetection.ProjectInstaller.resources
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\obj\Release\Cyberarms.IntrusionDetection.Service.csproj.GenerateResource.Cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\obj\Release\CyberarmsIdsService.exe
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\obj\Release\CyberarmsIdsService.pdb
diff --git a/Cyberarms.IntrusionDetection.Service/obj/Release/Cyberarms.IntrusionDetection.Service.csproj.GenerateResource.Cache b/Cyberarms.IntrusionDetection.Service/obj/Release/Cyberarms.IntrusionDetection.Service.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..d34474e
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/obj/Release/Cyberarms.IntrusionDetection.Service.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.IntrusionDetection.Service/obj/Release/Cyberarms.IntrusionDetection.Service.csprojResolveAssemblyReference.cache b/Cyberarms.IntrusionDetection.Service/obj/Release/Cyberarms.IntrusionDetection.Service.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..47c0b5c
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/obj/Release/Cyberarms.IntrusionDetection.Service.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.IntrusionDetection.Service/obj/Release/Cyberarms.IntrusionDetection.Service.resources b/Cyberarms.IntrusionDetection.Service/obj/Release/Cyberarms.IntrusionDetection.Service.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/obj/Release/Cyberarms.IntrusionDetection.Service.resources differ
diff --git a/Cyberarms.IntrusionDetection.Service/obj/Release/CyberarmsIdsService.exe b/Cyberarms.IntrusionDetection.Service/obj/Release/CyberarmsIdsService.exe
new file mode 100644
index 0000000..5fb9982
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/obj/Release/CyberarmsIdsService.exe differ
diff --git a/Cyberarms.IntrusionDetection.Service/obj/Release/CyberarmsIdsService.pdb b/Cyberarms.IntrusionDetection.Service/obj/Release/CyberarmsIdsService.pdb
new file mode 100644
index 0000000..8ed24b3
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/obj/Release/CyberarmsIdsService.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Service/obj/x86/Release/Cyberarms.IntrusionDetection.ProjectInstaller.resources b/Cyberarms.IntrusionDetection.Service/obj/x86/Release/Cyberarms.IntrusionDetection.ProjectInstaller.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/obj/x86/Release/Cyberarms.IntrusionDetection.ProjectInstaller.resources differ
diff --git a/Cyberarms.IntrusionDetection.Service/obj/x86/Release/Cyberarms.IntrusionDetection.Service.csproj.FileListAbsolute.txt b/Cyberarms.IntrusionDetection.Service/obj/x86/Release/Cyberarms.IntrusionDetection.Service.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..919385b
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Service/obj/x86/Release/Cyberarms.IntrusionDetection.Service.csproj.FileListAbsolute.txt
@@ -0,0 +1,13 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\obj\x86\Release\Cyberarms.IntrusionDetection.Service.csprojResolveAssemblyReference.cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\CyberarmsIdsService.exe.config
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\CyberarmsIdsService.exe
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\CyberarmsIdsService.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\Cyberarms.IntrusionDetection.Shared.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\bin\Release\Cyberarms.IntrusionDetection.Shared.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\obj\x86\Release\Cyberarms.IntrusionDetection.Service.resources
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\obj\x86\Release\Cyberarms.IntrusionDetection.ProjectInstaller.resources
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\obj\x86\Release\Cyberarms.IntrusionDetection.Service.csproj.GenerateResource.Cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\obj\x86\Release\CyberarmsIdsService.exe
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Service\obj\x86\Release\CyberarmsIdsService.pdb
diff --git a/Cyberarms.IntrusionDetection.Service/obj/x86/Release/Cyberarms.IntrusionDetection.Service.csproj.GenerateResource.Cache b/Cyberarms.IntrusionDetection.Service/obj/x86/Release/Cyberarms.IntrusionDetection.Service.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..d34474e
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/obj/x86/Release/Cyberarms.IntrusionDetection.Service.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.IntrusionDetection.Service/obj/x86/Release/Cyberarms.IntrusionDetection.Service.csprojResolveAssemblyReference.cache b/Cyberarms.IntrusionDetection.Service/obj/x86/Release/Cyberarms.IntrusionDetection.Service.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..8304354
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/obj/x86/Release/Cyberarms.IntrusionDetection.Service.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.IntrusionDetection.Service/obj/x86/Release/Cyberarms.IntrusionDetection.Service.resources b/Cyberarms.IntrusionDetection.Service/obj/x86/Release/Cyberarms.IntrusionDetection.Service.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/obj/x86/Release/Cyberarms.IntrusionDetection.Service.resources differ
diff --git a/Cyberarms.IntrusionDetection.Service/obj/x86/Release/CyberarmsIdsService.exe b/Cyberarms.IntrusionDetection.Service/obj/x86/Release/CyberarmsIdsService.exe
new file mode 100644
index 0000000..2b8864b
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/obj/x86/Release/CyberarmsIdsService.exe differ
diff --git a/Cyberarms.IntrusionDetection.Service/obj/x86/Release/CyberarmsIdsService.pdb b/Cyberarms.IntrusionDetection.Service/obj/x86/Release/CyberarmsIdsService.pdb
new file mode 100644
index 0000000..606cfd6
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Service/obj/x86/Release/CyberarmsIdsService.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Shared.Test/Cyberarms.IntrusionDetection.Shared.Test.csproj b/Cyberarms.IntrusionDetection.Shared.Test/Cyberarms.IntrusionDetection.Shared.Test.csproj
index 4f3b4fc..8deb9ec 100644
--- a/Cyberarms.IntrusionDetection.Shared.Test/Cyberarms.IntrusionDetection.Shared.Test.csproj
+++ b/Cyberarms.IntrusionDetection.Shared.Test/Cyberarms.IntrusionDetection.Shared.Test.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -11,7 +11,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.IntrusionDetection.Shared.Test</RootNamespace>
     <AssemblyName>Cyberarms.IntrusionDetection.Shared.Test</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <ProjectTypeGuids>{3AC096D0-A1C2-E12C-1390-A8335801FDAB};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}</ProjectTypeGuids>
     <SccProjectName>SAK</SccProjectName>
@@ -125,4 +125,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.IntrusionDetection.Shared.Test/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.IntrusionDetection.Shared.Test/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Shared.Test/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.IntrusionDetection.Shared.Test/obj/Release/Cyberarms.IntrusionDetection.Shared.Test.csproj.FileListAbsolute.txt b/Cyberarms.IntrusionDetection.Shared.Test/obj/Release/Cyberarms.IntrusionDetection.Shared.Test.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..8f3dc90
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Shared.Test/obj/Release/Cyberarms.IntrusionDetection.Shared.Test.csproj.FileListAbsolute.txt
@@ -0,0 +1,3 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared.Test\obj\Release\Cyberarms.IntrusionDetection.Shared.Test.csproj.AssemblyReference.cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared.Test\obj\Release\Cyberarms.IntrusionDetection.Shared.Test.csproj.CoreCompileInputs.cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared.Test\obj\Release\Cyberarms.IntrusionDetection.Shared.Test.csprojResolveAssemblyReference.cache
diff --git a/Cyberarms.IntrusionDetection.Shared/Cyberarms.IntrusionDetection.Shared.csproj b/Cyberarms.IntrusionDetection.Shared/Cyberarms.IntrusionDetection.Shared.csproj
index dba1b90..ea7cac6 100644
--- a/Cyberarms.IntrusionDetection.Shared/Cyberarms.IntrusionDetection.Shared.csproj
+++ b/Cyberarms.IntrusionDetection.Shared/Cyberarms.IntrusionDetection.Shared.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.IntrusionDetection.Shared</RootNamespace>
     <AssemblyName>Cyberarms.IntrusionDetection.Shared</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
     <SccLocalPath>SAK</SccLocalPath>
@@ -246,4 +246,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.IntrusionDetection.Shared/Database.cs b/Cyberarms.IntrusionDetection.Shared/Database.cs
index d04ae86..6f85ee8 100644
--- a/Cyberarms.IntrusionDetection.Shared/Database.cs
+++ b/Cyberarms.IntrusionDetection.Shared/Database.cs
@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Data;
@@ -26,7 +26,7 @@ public void Configure(string directory) {
             connBuilder.ForeignKeys = true;
             connBuilder.JournalMode = SQLiteJournalModeEnum.Truncate;
             connBuilder.Password = "hasdvfdfaxNm.DFd3djkn2li9fu24$";
-            connBuilder.Pooling = true;
+            connBuilder.Pooling = false;
             connBuilder.ReadOnly = false;
             connBuilder.SyncMode = SynchronizationModes.Normal;
             connBuilder.DataSource = directory + "\\cyberarms.idds.dbf";
@@ -55,7 +55,7 @@ void _connection_StateChange(object sender, StateChangeEventArgs e) {
         public SQLiteConnection Connection {
             get {
                 if (_connection == null) throw new ApplicationException("Sorry, cannot return requested connection object. Please run Configure first to set database path.");
-                if (_connection.State == System.Data.ConnectionState.Broken) {
+                if (_connection.State == System.Data.ConnectionState.Closed || _connection.State == System.Data.ConnectionState.Broken) {
                     _connection.Open();
                 }
                 // open new connection;
@@ -84,22 +84,65 @@ public IDataReader ExecuteReader(string sqlString, params object[] parameters) {
         }
 
         public IDataReader ExecuteReader(string sqlString, IDbTransaction transaction, params object[] parameters) {
-            IDbCommand cmd = PrepareCommand(sqlString, parameters);
-            IDataReader rdr = null;
-            if (transaction != null) cmd.Transaction = transaction;
-            try {
-                rdr = cmd.ExecuteReader();
-            } catch (Exception ex) {
-                for (int i = 0; i < 5; i++) {
-                    System.Threading.Thread.Sleep(500);
-                    try {
-                        rdr = cmd.ExecuteReader();
-                        return rdr;
-                    } catch { }
+            using (IDbCommand cmd = PrepareCommand(sqlString, parameters)) {
+                if (transaction != null) cmd.Transaction = transaction;
+                try {
+                    using (IDataReader rdr = cmd.ExecuteReader()) {
+                        DataTable dt = new DataTable();
+                        for (int i = 0; i < rdr.FieldCount; i++) {
+                            dt.Columns.Add(rdr.GetName(i), typeof(object));
+                        }
+                        while (rdr.Read()) {
+                            DataRow row = dt.NewRow();
+                            for (int i = 0; i < rdr.FieldCount; i++) {
+                                try {
+                                    row[i] = rdr.GetValue(i);
+                                } catch {
+                                    try {
+                                        row[i] = rdr.GetString(i);
+                                    } catch {
+                                        row[i] = DBNull.Value;
+                                    }
+                                }
+                            }
+                            dt.Rows.Add(row);
+                        }
+                        return dt.CreateDataReader();
+                    }
+                } catch (Exception ex) {
+                    for (int i = 0; i < 5; i++) {
+                        System.Threading.Thread.Sleep(500);
+                        try {
+                            using (IDbCommand cmdRetry = PrepareCommand(sqlString, parameters)) {
+                                if (transaction != null) cmdRetry.Transaction = transaction;
+                                using (IDataReader rdr = cmdRetry.ExecuteReader()) {
+                                    DataTable dt = new DataTable();
+                                    for (int j = 0; j < rdr.FieldCount; j++) {
+                                        dt.Columns.Add(rdr.GetName(j), typeof(object));
+                                    }
+                                    while (rdr.Read()) {
+                                        DataRow row = dt.NewRow();
+                                        for (int j = 0; j < rdr.FieldCount; j++) {
+                                            try {
+                                                row[j] = rdr.GetValue(j);
+                                            } catch {
+                                                try {
+                                                    row[j] = rdr.GetString(j);
+                                                } catch {
+                                                    row[j] = DBNull.Value;
+                                                }
+                                            }
+                                        }
+                                        dt.Rows.Add(row);
+                                    }
+                                    return dt.CreateDataReader();
+                                }
+                            }
+                        } catch { }
+                    }
+                    throw ex;
                 }
-                throw ex;
             }
-            return rdr;
         }
 
         public void ExecuteNonQuery(string sqlString, params object[] parameters) {
@@ -107,31 +150,33 @@ public void ExecuteNonQuery(string sqlString, params object[] parameters) {
         }
 
         public void ExecuteNonQuery(string sqlString, IDbTransaction transaction, params object[] parameters) {
-            IDbCommand cmd = PrepareCommand(sqlString, parameters);
-            try {
-                if (transaction != null) cmd.Transaction = transaction;
-                cmd.ExecuteNonQuery();
-            } catch (Exception ex) {
-                // try to recover
+            using (IDbCommand cmd = PrepareCommand(sqlString, parameters)) {
                 try {
-                    IDbConnection conn = (IDbConnection)Connection.Clone();
-                    if (conn.State != ConnectionState.Open) conn.Open();
-                    cmd.Connection = conn;
+                    if (transaction != null) cmd.Transaction = transaction;
+                    cmd.ExecuteNonQuery();
+                } catch (Exception ex) {
+                    // try to recover
                     try {
-                        cmd.ExecuteNonQuery();
-                    } catch (Exception ex2) {
-                        for (int i = 0; i < 5; i++) {
-                            System.Threading.Thread.Sleep(500);
+                        using (IDbConnection conn = (IDbConnection)Connection.Clone()) {
+                            if (conn.State != ConnectionState.Open) conn.Open();
+                            cmd.Connection = conn;
                             try {
                                 cmd.ExecuteNonQuery();
-                                return;
-                            } catch { }
+                            } catch (Exception ex2) {
+                                for (int i = 0; i < 5; i++) {
+                                    System.Threading.Thread.Sleep(500);
+                                    try {
+                                        cmd.ExecuteNonQuery();
+                                        return;
+                                    } catch { }
+                                }
+                                throw ex2;
+                            }
+                            conn.Close();
                         }
-                        throw ex2;
+                    } catch (Exception ex1) {
+                        throw ex1;
                     }
-                    conn.Close();
-                } catch (Exception ex1) {
-                    throw ex1;
                 }
             }
         }
@@ -158,21 +203,22 @@ public object ExecuteScalar(string sqlString, params object[] parameters) {
 
         public object ExecuteScalar(string sqlString, IDbTransaction transaction, params object[] parameters) {
             object result = null;
-            IDbCommand cmd = PrepareCommand(sqlString, parameters);
-            if (transaction != null) cmd.Transaction = transaction;
-            
-            try {
-                result = cmd.ExecuteScalar();
-            } catch (Exception ex) {
-                for (int i = 0; i < 5; i++) {
-                    // can we recover the problem within a timeout period?
-                    System.Threading.Thread.Sleep(500);
-                    try {
-                        result = cmd.ExecuteScalar();
-                        return result;
-                    } catch { }
+            using (IDbCommand cmd = PrepareCommand(sqlString, parameters)) {
+                if (transaction != null) cmd.Transaction = transaction;
+                
+                try {
+                    result = cmd.ExecuteScalar();
+                } catch (Exception ex) {
+                    for (int i = 0; i < 5; i++) {
+                        // can we recover the problem within a timeout period?
+                        System.Threading.Thread.Sleep(500);
+                        try {
+                            result = cmd.ExecuteScalar();
+                            return result;
+                        } catch { }
+                    }
+                    throw ex;
                 }
-                throw ex;
             }
             return result;
         }
@@ -206,7 +252,17 @@ private void OpenOrCreate() {
             }
         }
 
+        public void CloseConnection() {
+            if (_connection != null && _connection.State == ConnectionState.Open) {
+                _connection.Close();
+            }
+        }
 
+        public void OpenConnection() {
+            if (_connection != null) {
+                _connection.Open();
+            }
+        }
 
     }
 }
diff --git a/Cyberarms.IntrusionDetection.Shared/bin/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.IntrusionDetection.Shared/bin/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..f55bc90
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/bin/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.IntrusionDetection.Shared/bin/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.IntrusionDetection.Shared/bin/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..23381a9
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/bin/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Shared/bin/Release/Cyberarms.IntrusionDetection.Api.xml b/Cyberarms.IntrusionDetection.Shared/bin/Release/Cyberarms.IntrusionDetection.Api.xml
new file mode 100644
index 0000000..b345d21
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Shared/bin/Release/Cyberarms.IntrusionDetection.Api.xml
@@ -0,0 +1,460 @@
+<?xml version="1.0"?>
+<doc>
+    <assembly>
+        <name>Cyberarms.IntrusionDetection.Api</name>
+    </assembly>
+    <members>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase">
+            <summary>
+            This class can be used as base class for custom configuration.
+            Using this base class,Intrusion Detectionautomatically loads and saves configuration values needed by your plugin.
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration">
+            <summary>
+            This interface provídes any property needed forIntrusion Detectionto load and save configuration values for your agent plugin.
+            It is used byIntrusion Detectioninternally, as agent developer, you don't have to care about this interface
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.GetConfigurationType">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.GetConfigurationType">
+            <summary>
+            Returns the type of custom configuration
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings. This must be marked with the System.Xml.Serialization.XmlIgnore() attribute,
+            and the property must ensure to return the right configuration for the plugin.
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.PluginConfigurationXml">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.FileName">
+            <summary>
+            The filename of an agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin">
+            <summary>
+            Base class for agents
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin">
+            <summary>
+            Interface for agents, must be implemented to create aIntrusion Detectionagent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.#ctor">
+            <summary>
+            Initialize the agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnAttackDetected(System.Object,Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+            <summary>
+            Is used to invoke all event listener delegates
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Notification arguments</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStartAgent">
+            <summary>
+            Override this method to do anything required to start your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnPauseAgent">
+            <summary>
+            Override this method to do anything required to pause your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStopAgent">
+            <summary>
+            Override this method to stop your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnContinueAgent">
+            <summary>
+            Override this method to continue your agent from the paused state
+            </summary>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>                
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener">
+            <summary>
+            NotificationReceiver
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener.NotificationReceiver(Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+             <summary>
+            Intrusion Detectioncalls the NotificationReceiver to forward notification event data 
+             </summary>
+             <param name="args"></param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.Names">
+            <summary>
+            Internal class needed for naming
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.Names.pluginTypeNames">
+            <summary>
+            Returns display names 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute">
+            <summary>
+            Custom attribute for plugins to specify displayname and description. 
+            TheIntrusion Detectionadministration software displays the values defined as class attribute
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+            <param name="version">Version number of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.DisplayName">
+            <summary>
+            Display name of your agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Description">
+            <summary>
+            Add a short description about what your agent does
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Version">
+            <summary>
+            Version number of your agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes">
+            <summary>
+            Plugin types
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.Agent">
+            <summary>
+            Type is agent
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.NotificationListener">
+            <summary>
+            Type is Listener
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler">
+            <summary>
+            Event handler for sending intrusion attempts to theIntrusion DetectionService
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Intrusion notification details</param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs">
+            <summary>
+            Notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs">
+            <summary>
+            Base class for notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration">
+            <summary>
+            Base class for plugin configuration settings
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration)">
+            <summary>
+            Clone from another PluginConfiguration of the same type
+            </summary>
+            <param name="source"></param>
+        </member>
+    </members>
+</doc>
diff --git a/Cyberarms.IntrusionDetection.Shared/bin/Release/Cyberarms.IntrusionDetection.Shared.dll b/Cyberarms.IntrusionDetection.Shared/bin/Release/Cyberarms.IntrusionDetection.Shared.dll
new file mode 100644
index 0000000..0aabf2c
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/bin/Release/Cyberarms.IntrusionDetection.Shared.dll differ
diff --git a/Cyberarms.IntrusionDetection.Shared/bin/Release/Cyberarms.IntrusionDetection.Shared.pdb b/Cyberarms.IntrusionDetection.Shared/bin/Release/Cyberarms.IntrusionDetection.Shared.pdb
new file mode 100644
index 0000000..392680c
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/bin/Release/Cyberarms.IntrusionDetection.Shared.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Shared/bin/Release/mscorlib.dll b/Cyberarms.IntrusionDetection.Shared/bin/Release/mscorlib.dll
new file mode 100644
index 0000000..2e8c900
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/bin/Release/mscorlib.dll differ
diff --git a/Cyberarms.IntrusionDetection.Shared/bin/Release/normidna.nlp b/Cyberarms.IntrusionDetection.Shared/bin/Release/normidna.nlp
new file mode 100644
index 0000000..5a69df1
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/bin/Release/normidna.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Shared/bin/Release/normnfc.nlp b/Cyberarms.IntrusionDetection.Shared/bin/Release/normnfc.nlp
new file mode 100644
index 0000000..f198144
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/bin/Release/normnfc.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Shared/bin/Release/normnfd.nlp b/Cyberarms.IntrusionDetection.Shared/bin/Release/normnfd.nlp
new file mode 100644
index 0000000..16e88e1
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/bin/Release/normnfd.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Shared/bin/Release/normnfkc.nlp b/Cyberarms.IntrusionDetection.Shared/bin/Release/normnfkc.nlp
new file mode 100644
index 0000000..55406db
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/bin/Release/normnfkc.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Shared/bin/Release/normnfkd.nlp b/Cyberarms.IntrusionDetection.Shared/bin/Release/normnfkd.nlp
new file mode 100644
index 0000000..b7386c4
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/bin/Release/normnfkd.nlp differ
diff --git a/Cyberarms.IntrusionDetection.Shared/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll b/Cyberarms.IntrusionDetection.Shared/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..619b90c
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/Cyberarms.IntrusionDetection.Shared/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb b/Cyberarms.IntrusionDetection.Shared/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..9c0630b
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Shared/bin/x86/Release/Cyberarms.IntrusionDetection.Shared.dll b/Cyberarms.IntrusionDetection.Shared/bin/x86/Release/Cyberarms.IntrusionDetection.Shared.dll
new file mode 100644
index 0000000..d66902f
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/bin/x86/Release/Cyberarms.IntrusionDetection.Shared.dll differ
diff --git a/Cyberarms.IntrusionDetection.Shared/bin/x86/Release/Cyberarms.IntrusionDetection.Shared.pdb b/Cyberarms.IntrusionDetection.Shared/bin/x86/Release/Cyberarms.IntrusionDetection.Shared.pdb
new file mode 100644
index 0000000..77412ad
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/bin/x86/Release/Cyberarms.IntrusionDetection.Shared.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Shared/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.IntrusionDetection.Shared/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Shared/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.Resources.resources b/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.Resources.resources
new file mode 100644
index 0000000..617a701
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.Resources.resources differ
diff --git a/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.csproj.FileListAbsolute.txt b/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..933d2ca
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.csproj.FileListAbsolute.txt
@@ -0,0 +1,16 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\bin\Release\Cyberarms.IntrusionDetection.Shared.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\bin\Release\Cyberarms.IntrusionDetection.Shared.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\bin\Release\Cyberarms.IntrusionDetection.Api.xml
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\obj\Release\Cyberarms.IntrusionDetection.Shared.Resources.resources
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\obj\Release\Cyberarms.IntrusionDetection.Shared.csproj.GenerateResource.Cache
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\obj\Release\Cyberarms.IntrusionDetection.Shared.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\obj\Release\Cyberarms.IntrusionDetection.Shared.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\bin\Release\mscorlib.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\bin\Release\normidna.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\bin\Release\normnfc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\bin\Release\normnfd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\bin\Release\normnfkc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\bin\Release\normnfkd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\obj\Release\Cyberarms.IntrusionDetection.Shared.csprojResolveAssemblyReference.cache
diff --git a/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.csproj.GenerateResource.Cache b/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..a9e259d
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.csprojResolveAssemblyReference.cache b/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..a6f5257
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.dll b/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.dll
new file mode 100644
index 0000000..0aabf2c
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.dll differ
diff --git a/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.pdb b/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.pdb
new file mode 100644
index 0000000..392680c
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/obj/Release/Cyberarms.IntrusionDetection.Shared.pdb differ
diff --git a/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.Resources.resources b/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.Resources.resources
new file mode 100644
index 0000000..617a701
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.Resources.resources differ
diff --git a/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.csproj.FileListAbsolute.txt b/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..e9eb0db
--- /dev/null
+++ b/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.csproj.FileListAbsolute.txt
@@ -0,0 +1,9 @@
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\bin\x86\Release\Cyberarms.IntrusionDetection.Shared.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\bin\x86\Release\Cyberarms.IntrusionDetection.Shared.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\bin\x86\Release\Cyberarms.IntrusionDetection.Api.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\bin\x86\Release\Cyberarms.IntrusionDetection.Api.pdb
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\obj\x86\Release\Cyberarms.IntrusionDetection.Shared.csprojResolveAssemblyReference.cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\obj\x86\Release\Cyberarms.IntrusionDetection.Shared.Resources.resources
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\obj\x86\Release\Cyberarms.IntrusionDetection.Shared.csproj.GenerateResource.Cache
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\obj\x86\Release\Cyberarms.IntrusionDetection.Shared.dll
+c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Shared\obj\x86\Release\Cyberarms.IntrusionDetection.Shared.pdb
diff --git a/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.csproj.GenerateResource.Cache b/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..a9e259d
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.csproj.GenerateResource.Cache differ
diff --git a/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.csprojResolveAssemblyReference.cache b/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..baeda40
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.dll b/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.dll
new file mode 100644
index 0000000..d66902f
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.dll differ
diff --git a/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.pdb b/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.pdb
new file mode 100644
index 0000000..77412ad
Binary files /dev/null and b/Cyberarms.IntrusionDetection.Shared/obj/x86/Release/Cyberarms.IntrusionDetection.Shared.pdb differ
diff --git a/Cyberarms.WebSecurity/Cyberarms.WebSecurity.csproj b/Cyberarms.WebSecurity/Cyberarms.WebSecurity.csproj
index 9ebe23f..af5da3a 100644
--- a/Cyberarms.WebSecurity/Cyberarms.WebSecurity.csproj
+++ b/Cyberarms.WebSecurity/Cyberarms.WebSecurity.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Cyberarms.WebSecurity</RootNamespace>
     <AssemblyName>Cyberarms.WebSecurity</AssemblyName>
-    <TargetFrameworkVersion>v2.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
     <SccLocalPath>SAK</SccLocalPath>
@@ -68,4 +68,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/Cyberarms.WebSecurity/bin/Release/Cyberarms.WebSecurity.dll b/Cyberarms.WebSecurity/bin/Release/Cyberarms.WebSecurity.dll
new file mode 100644
index 0000000..cc45210
Binary files /dev/null and b/Cyberarms.WebSecurity/bin/Release/Cyberarms.WebSecurity.dll differ
diff --git a/Cyberarms.WebSecurity/bin/Release/Cyberarms.WebSecurity.pdb b/Cyberarms.WebSecurity/bin/Release/Cyberarms.WebSecurity.pdb
new file mode 100644
index 0000000..dd99472
Binary files /dev/null and b/Cyberarms.WebSecurity/bin/Release/Cyberarms.WebSecurity.pdb differ
diff --git a/Cyberarms.WebSecurity/bin/Release/mscorlib.dll b/Cyberarms.WebSecurity/bin/Release/mscorlib.dll
new file mode 100644
index 0000000..2e8c900
Binary files /dev/null and b/Cyberarms.WebSecurity/bin/Release/mscorlib.dll differ
diff --git a/Cyberarms.WebSecurity/bin/Release/normidna.nlp b/Cyberarms.WebSecurity/bin/Release/normidna.nlp
new file mode 100644
index 0000000..5a69df1
Binary files /dev/null and b/Cyberarms.WebSecurity/bin/Release/normidna.nlp differ
diff --git a/Cyberarms.WebSecurity/bin/Release/normnfc.nlp b/Cyberarms.WebSecurity/bin/Release/normnfc.nlp
new file mode 100644
index 0000000..f198144
Binary files /dev/null and b/Cyberarms.WebSecurity/bin/Release/normnfc.nlp differ
diff --git a/Cyberarms.WebSecurity/bin/Release/normnfd.nlp b/Cyberarms.WebSecurity/bin/Release/normnfd.nlp
new file mode 100644
index 0000000..16e88e1
Binary files /dev/null and b/Cyberarms.WebSecurity/bin/Release/normnfd.nlp differ
diff --git a/Cyberarms.WebSecurity/bin/Release/normnfkc.nlp b/Cyberarms.WebSecurity/bin/Release/normnfkc.nlp
new file mode 100644
index 0000000..55406db
Binary files /dev/null and b/Cyberarms.WebSecurity/bin/Release/normnfkc.nlp differ
diff --git a/Cyberarms.WebSecurity/bin/Release/normnfkd.nlp b/Cyberarms.WebSecurity/bin/Release/normnfkd.nlp
new file mode 100644
index 0000000..b7386c4
Binary files /dev/null and b/Cyberarms.WebSecurity/bin/Release/normnfkd.nlp differ
diff --git a/Cyberarms.WebSecurity/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/Cyberarms.WebSecurity/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/Cyberarms.WebSecurity/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/Cyberarms.WebSecurity/obj/Release/Cyberarms.WebSecurity.csproj.FileListAbsolute.txt b/Cyberarms.WebSecurity/obj/Release/Cyberarms.WebSecurity.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..25f7ddd
--- /dev/null
+++ b/Cyberarms.WebSecurity/obj/Release/Cyberarms.WebSecurity.csproj.FileListAbsolute.txt
@@ -0,0 +1,11 @@
+C:\Cyberarms\Cyberarms-master\Cyberarms.WebSecurity\bin\Release\Cyberarms.WebSecurity.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.WebSecurity\bin\Release\Cyberarms.WebSecurity.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.WebSecurity\obj\Release\Cyberarms.WebSecurity.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.WebSecurity\obj\Release\Cyberarms.WebSecurity.pdb
+C:\Cyberarms\Cyberarms-master\Cyberarms.WebSecurity\bin\Release\mscorlib.dll
+C:\Cyberarms\Cyberarms-master\Cyberarms.WebSecurity\bin\Release\normidna.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.WebSecurity\bin\Release\normnfc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.WebSecurity\bin\Release\normnfd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.WebSecurity\bin\Release\normnfkc.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.WebSecurity\bin\Release\normnfkd.nlp
+C:\Cyberarms\Cyberarms-master\Cyberarms.WebSecurity\obj\Release\Cyberarms.WebSecurity.csprojResolveAssemblyReference.cache
diff --git a/Cyberarms.WebSecurity/obj/Release/Cyberarms.WebSecurity.csprojResolveAssemblyReference.cache b/Cyberarms.WebSecurity/obj/Release/Cyberarms.WebSecurity.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..a4ef1a6
Binary files /dev/null and b/Cyberarms.WebSecurity/obj/Release/Cyberarms.WebSecurity.csprojResolveAssemblyReference.cache differ
diff --git a/Cyberarms.WebSecurity/obj/Release/Cyberarms.WebSecurity.dll b/Cyberarms.WebSecurity/obj/Release/Cyberarms.WebSecurity.dll
new file mode 100644
index 0000000..cc45210
Binary files /dev/null and b/Cyberarms.WebSecurity/obj/Release/Cyberarms.WebSecurity.dll differ
diff --git a/Cyberarms.WebSecurity/obj/Release/Cyberarms.WebSecurity.pdb b/Cyberarms.WebSecurity/obj/Release/Cyberarms.WebSecurity.pdb
new file mode 100644
index 0000000..dd99472
Binary files /dev/null and b/Cyberarms.WebSecurity/obj/Release/Cyberarms.WebSecurity.pdb differ
diff --git a/DemoAgent/DemoAgent.csproj b/DemoAgent/DemoAgent.csproj
index a1741a1..7a8bb59 100644
--- a/DemoAgent/DemoAgent.csproj
+++ b/DemoAgent/DemoAgent.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>DemoAgent</RootNamespace>
     <AssemblyName>DemoAgent</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
     <SccLocalPath>SAK</SccLocalPath>
@@ -121,4 +121,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/DemoAgent/bin/Release/Cyberarms.IntrusionDetection.Api.dll b/DemoAgent/bin/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..1647cea
Binary files /dev/null and b/DemoAgent/bin/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/DemoAgent/bin/Release/Cyberarms.IntrusionDetection.Api.pdb b/DemoAgent/bin/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..0b7344f
Binary files /dev/null and b/DemoAgent/bin/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/DemoAgent/bin/Release/Cyberarms.IntrusionDetection.Api.xml b/DemoAgent/bin/Release/Cyberarms.IntrusionDetection.Api.xml
new file mode 100644
index 0000000..b345d21
--- /dev/null
+++ b/DemoAgent/bin/Release/Cyberarms.IntrusionDetection.Api.xml
@@ -0,0 +1,460 @@
+<?xml version="1.0"?>
+<doc>
+    <assembly>
+        <name>Cyberarms.IntrusionDetection.Api</name>
+    </assembly>
+    <members>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase">
+            <summary>
+            This class can be used as base class for custom configuration.
+            Using this base class,Intrusion Detectionautomatically loads and saves configuration values needed by your plugin.
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration">
+            <summary>
+            This interface provídes any property needed forIntrusion Detectionto load and save configuration values for your agent plugin.
+            It is used byIntrusion Detectioninternally, as agent developer, you don't have to care about this interface
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.GetConfigurationType">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.IAgentConfiguration)">
+            <summary>
+            Used to clone objects
+            </summary>
+            <param name="source"></param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.GetConfigurationType">
+            <summary>
+            Returns the type of custom configuration
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AssemblyName">
+            <summary>
+            The name of your assembly, this property is used byIntrusion Detectionand is set automatically when adding your plugin toIntrusion Detectionplugins
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentName">
+            <summary>
+            The name of your agent, used by Intrusion Detection
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.Enabled">
+            <summary>
+            Is used to check if the agent should be loaded by IntrusionDetection. This value is set by theIntrusion Detectionadministration software
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.AgentSettings">
+            <summary>
+            Agent settings containing your custom settings. This must be marked with the System.Xml.Serialization.XmlIgnore() attribute,
+            and the property must ensure to return the right configuration for the plugin.
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.ConfigurationSettingsTypeName">
+            <summary>
+            String value of your custom configuration settings type. 
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.PluginConfigurationXml">
+            <summary>
+            Returns the configuration type
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockDurationHrs">
+            <summary>
+            Override of hard lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.HardLockAttempts">
+            <summary>
+            Override of hard lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockDurationMins">
+            <summary>
+            Override of soft lock duration
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.SoftLockAttempts">
+            <summary>
+            Override value for soft lock attempts
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.OverwriteConfiguration">
+            <summary>
+            ConfigureIntrusion Detectionto use custom settings for this agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.NeverUnlock">
+            <summary>
+            Override of hard lock setting to never unlock an attacker's IP address
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentConfigurationBase.FileName">
+            <summary>
+            The filename of an agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin">
+            <summary>
+            Base class for agents
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin">
+            <summary>
+            Interface for agents, must be implemented to create aIntrusion Detectionagent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.IAgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.#ctor">
+            <summary>
+            Initialize the agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnAttackDetected(System.Object,Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+            <summary>
+            Is used to invoke all event listener delegates
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Notification arguments</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Start">
+            <summary>
+            Agent start command, is called when the service starts
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Stop">
+            <summary>
+            Agent stop command, is called when the service stops
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Pause">
+            <summary>
+            Agent pause command, is called when the service is paused
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Continue">
+            <summary>
+            Agent continue command to resume from pause
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanPause">
+            <summary>
+            Returns if the agent supports pause
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.CanContinue">
+            <summary>
+            Returns if the agent can be continued at this time
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStartAgent">
+            <summary>
+            Override this method to do anything required to start your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnPauseAgent">
+            <summary>
+            Override this method to do anything required to pause your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnStopAgent">
+            <summary>
+            Override this method to stop your agent
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.OnContinueAgent">
+            <summary>
+            Override this method to continue your agent from the paused state
+            </summary>
+        </member>
+        <member name="E:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.AttackDetected">
+            <summary>
+            The AttackDetected Event, using AttackDetectedHandler
+            </summary>
+            <seealso cref="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler"/>                
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsPaused">
+            <summary>
+            Returns if the agent is in paused state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.IsRunning">
+            <summary>
+            Returns if the agent is in the running state
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.AgentPlugin.Configuration">
+            <summary>
+            Agent configuration, usually AgentConfigurationBase, which can be used by the administration program by default without any alteration
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener">
+            <summary>
+            NotificationReceiver
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.INotificationListener.NotificationReceiver(Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs)">
+             <summary>
+            Intrusion Detectioncalls the NotificationReceiver to forward notification event data 
+             </summary>
+             <param name="args"></param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.Names">
+            <summary>
+            Internal class needed for naming
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.Names.pluginTypeNames">
+            <summary>
+            Returns display names 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute">
+            <summary>
+            Custom attribute for plugins to specify displayname and description. 
+            TheIntrusion Detectionadministration software displays the values defined as class attribute
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+            <param name="version">Version number of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String,System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+            <param name="description">Short description of the agent</param>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.#ctor(System.String)">
+            <summary>
+            This attribute is displayed in theIntrusion Detectionadministration software
+            </summary>
+            <param name="displayName">Name to display in the administration software</param>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.DisplayName">
+            <summary>
+            Display name of your agent
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Description">
+            <summary>
+            Add a short description about what your agent does
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.PluginAttribute.Version">
+            <summary>
+            Version number of your agent
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes">
+            <summary>
+            Plugin types
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.Agent">
+            <summary>
+            Type is agent
+            </summary>
+        </member>
+        <member name="F:Cyberarms.IntrusionDetection.Api.Plugin.PluginTypes.NotificationListener">
+            <summary>
+            Type is Listener
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.AttackDetectedHandler">
+            <summary>
+            Event handler for sending intrusion attempts to theIntrusion DetectionService
+            </summary>
+            <param name="sender">The agent itself</param>
+            <param name="data">Intrusion notification details</param>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs">
+            <summary>
+            Notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.INotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs">
+            <summary>
+            Base class for notification arguments containing attacker information
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.IpAddress">
+            <summary>
+            IP address of the attacker. This can be in TCP/IP version 4 (123.123.123.123 format, dotted notation) or TCP/IP version 6 (abab:abab::1234:abcd format, 128 bits)
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.CreateDate">
+            <summary>
+            Notification date
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventId">
+            <summary>
+            Event id, for internal purposes. You can include an own Id of forward a log event id
+            </summary>
+        </member>
+        <member name="P:Cyberarms.IntrusionDetection.Api.Plugin.NotificationEventArgs.EventMessage">
+            <summary>
+            Optionally include a message to an event listener. 
+            </summary>
+        </member>
+        <member name="T:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration">
+            <summary>
+            Base class for plugin configuration settings
+            </summary>
+        </member>
+        <member name="M:Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration.CloneFrom(Cyberarms.IntrusionDetection.Api.Plugin.PluginConfiguration)">
+            <summary>
+            Clone from another PluginConfiguration of the same type
+            </summary>
+            <param name="source"></param>
+        </member>
+    </members>
+</doc>
diff --git a/DemoAgent/bin/Release/DemoAgent.dll b/DemoAgent/bin/Release/DemoAgent.dll
new file mode 100644
index 0000000..da5f5d2
Binary files /dev/null and b/DemoAgent/bin/Release/DemoAgent.dll differ
diff --git a/DemoAgent/bin/Release/DemoAgent.pdb b/DemoAgent/bin/Release/DemoAgent.pdb
new file mode 100644
index 0000000..29813c8
Binary files /dev/null and b/DemoAgent/bin/Release/DemoAgent.pdb differ
diff --git a/DemoAgent/bin/Release/mscorlib.dll b/DemoAgent/bin/Release/mscorlib.dll
new file mode 100644
index 0000000..2e8c900
Binary files /dev/null and b/DemoAgent/bin/Release/mscorlib.dll differ
diff --git a/DemoAgent/bin/Release/normidna.nlp b/DemoAgent/bin/Release/normidna.nlp
new file mode 100644
index 0000000..5a69df1
Binary files /dev/null and b/DemoAgent/bin/Release/normidna.nlp differ
diff --git a/DemoAgent/bin/Release/normnfc.nlp b/DemoAgent/bin/Release/normnfc.nlp
new file mode 100644
index 0000000..f198144
Binary files /dev/null and b/DemoAgent/bin/Release/normnfc.nlp differ
diff --git a/DemoAgent/bin/Release/normnfd.nlp b/DemoAgent/bin/Release/normnfd.nlp
new file mode 100644
index 0000000..16e88e1
Binary files /dev/null and b/DemoAgent/bin/Release/normnfd.nlp differ
diff --git a/DemoAgent/bin/Release/normnfkc.nlp b/DemoAgent/bin/Release/normnfkc.nlp
new file mode 100644
index 0000000..55406db
Binary files /dev/null and b/DemoAgent/bin/Release/normnfkc.nlp differ
diff --git a/DemoAgent/bin/Release/normnfkd.nlp b/DemoAgent/bin/Release/normnfkd.nlp
new file mode 100644
index 0000000..b7386c4
Binary files /dev/null and b/DemoAgent/bin/Release/normnfkd.nlp differ
diff --git a/DemoAgent/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll b/DemoAgent/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..6b529ec
Binary files /dev/null and b/DemoAgent/bin/x86/Release/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/DemoAgent/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb b/DemoAgent/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb
new file mode 100644
index 0000000..749164b
Binary files /dev/null and b/DemoAgent/bin/x86/Release/Cyberarms.IntrusionDetection.Api.pdb differ
diff --git a/DemoAgent/bin/x86/Release/DemoAgent.dll b/DemoAgent/bin/x86/Release/DemoAgent.dll
new file mode 100644
index 0000000..d65583e
Binary files /dev/null and b/DemoAgent/bin/x86/Release/DemoAgent.dll differ
diff --git a/DemoAgent/bin/x86/Release/DemoAgent.pdb b/DemoAgent/bin/x86/Release/DemoAgent.pdb
new file mode 100644
index 0000000..2f632a7
Binary files /dev/null and b/DemoAgent/bin/x86/Release/DemoAgent.pdb differ
diff --git a/DemoAgent/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs b/DemoAgent/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
new file mode 100644
index 0000000..6574ddf
--- /dev/null
+++ b/DemoAgent/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = "")]
diff --git a/DemoAgent/obj/Release/DemoAgent.csproj.FileListAbsolute.txt b/DemoAgent/obj/Release/DemoAgent.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..2f8e58f
--- /dev/null
+++ b/DemoAgent/obj/Release/DemoAgent.csproj.FileListAbsolute.txt
@@ -0,0 +1,13 @@
+C:\Cyberarms\Cyberarms-master\DemoAgent\bin\Release\DemoAgent.dll
+C:\Cyberarms\Cyberarms-master\DemoAgent\bin\Release\DemoAgent.pdb
+C:\Cyberarms\Cyberarms-master\DemoAgent\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\DemoAgent\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\DemoAgent\bin\Release\Cyberarms.IntrusionDetection.Api.xml
+C:\Cyberarms\Cyberarms-master\DemoAgent\obj\Release\DemoAgent.dll
+C:\Cyberarms\Cyberarms-master\DemoAgent\obj\Release\DemoAgent.pdb
+C:\Cyberarms\Cyberarms-master\DemoAgent\bin\Release\mscorlib.dll
+C:\Cyberarms\Cyberarms-master\DemoAgent\bin\Release\normidna.nlp
+C:\Cyberarms\Cyberarms-master\DemoAgent\bin\Release\normnfc.nlp
+C:\Cyberarms\Cyberarms-master\DemoAgent\bin\Release\normnfd.nlp
+C:\Cyberarms\Cyberarms-master\DemoAgent\bin\Release\normnfkc.nlp
+C:\Cyberarms\Cyberarms-master\DemoAgent\bin\Release\normnfkd.nlp
diff --git a/DemoAgent/obj/Release/DemoAgent.dll b/DemoAgent/obj/Release/DemoAgent.dll
new file mode 100644
index 0000000..da5f5d2
Binary files /dev/null and b/DemoAgent/obj/Release/DemoAgent.dll differ
diff --git a/DemoAgent/obj/Release/DemoAgent.pdb b/DemoAgent/obj/Release/DemoAgent.pdb
new file mode 100644
index 0000000..29813c8
Binary files /dev/null and b/DemoAgent/obj/Release/DemoAgent.pdb differ
diff --git a/DemoAgent/obj/x86/Release/DemoAgent.csproj.FileListAbsolute.txt b/DemoAgent/obj/x86/Release/DemoAgent.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..da1a81c
--- /dev/null
+++ b/DemoAgent/obj/x86/Release/DemoAgent.csproj.FileListAbsolute.txt
@@ -0,0 +1,6 @@
+c:\Cyberarms\Cyberarms-master\DemoAgent\bin\x86\Release\DemoAgent.dll
+c:\Cyberarms\Cyberarms-master\DemoAgent\bin\x86\Release\DemoAgent.pdb
+c:\Cyberarms\Cyberarms-master\DemoAgent\bin\x86\Release\Cyberarms.IntrusionDetection.Api.dll
+c:\Cyberarms\Cyberarms-master\DemoAgent\bin\x86\Release\Cyberarms.IntrusionDetection.Api.pdb
+c:\Cyberarms\Cyberarms-master\DemoAgent\obj\x86\Release\DemoAgent.dll
+c:\Cyberarms\Cyberarms-master\DemoAgent\obj\x86\Release\DemoAgent.pdb
diff --git a/DemoAgent/obj/x86/Release/DemoAgent.dll b/DemoAgent/obj/x86/Release/DemoAgent.dll
new file mode 100644
index 0000000..d65583e
Binary files /dev/null and b/DemoAgent/obj/x86/Release/DemoAgent.dll differ
diff --git a/DemoAgent/obj/x86/Release/DemoAgent.pdb b/DemoAgent/obj/x86/Release/DemoAgent.pdb
new file mode 100644
index 0000000..2f632a7
Binary files /dev/null and b/DemoAgent/obj/x86/Release/DemoAgent.pdb differ
diff --git a/Dependencies/SQLite/SQLite.Interop.dll b/Dependencies/SQLite/SQLite.Interop.dll
new file mode 100644
index 0000000..1e4490d
Binary files /dev/null and b/Dependencies/SQLite/SQLite.Interop.dll differ
diff --git a/Dependencies/SQLite/System.Data.SQLite.dll b/Dependencies/SQLite/System.Data.SQLite.dll
new file mode 100644
index 0000000..4f5314c
Binary files /dev/null and b/Dependencies/SQLite/System.Data.SQLite.dll differ
diff --git a/EventLogCleaner/EventLogCleaner.csproj b/EventLogCleaner/EventLogCleaner.csproj
index c6f11cb..c974cc0 100644
--- a/EventLogCleaner/EventLogCleaner.csproj
+++ b/EventLogCleaner/EventLogCleaner.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>EventLogCleaner</RootNamespace>
     <AssemblyName>EventLogCleaner</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <TargetFrameworkProfile>Client</TargetFrameworkProfile>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
@@ -104,4 +104,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/EventLogCleaner/bin/Release/EventLogCleaner.exe b/EventLogCleaner/bin/Release/EventLogCleaner.exe
new file mode 100644
index 0000000..ab29a8c
Binary files /dev/null and b/EventLogCleaner/bin/Release/EventLogCleaner.exe differ
diff --git a/EventLogCleaner/bin/Release/EventLogCleaner.pdb b/EventLogCleaner/bin/Release/EventLogCleaner.pdb
new file mode 100644
index 0000000..5eef078
Binary files /dev/null and b/EventLogCleaner/bin/Release/EventLogCleaner.pdb differ
diff --git a/EventLogCleaner/obj/x86/Release/.NETFramework,Version=v4.8,Profile=Client.AssemblyAttributes.cs b/EventLogCleaner/obj/x86/Release/.NETFramework,Version=v4.8,Profile=Client.AssemblyAttributes.cs
new file mode 100644
index 0000000..fc37109
--- /dev/null
+++ b/EventLogCleaner/obj/x86/Release/.NETFramework,Version=v4.8,Profile=Client.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8,Profile=Client", FrameworkDisplayName = "")]
diff --git a/EventLogCleaner/obj/x86/Release/EventLogCleaner.csproj.FileListAbsolute.txt b/EventLogCleaner/obj/x86/Release/EventLogCleaner.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..a38e333
--- /dev/null
+++ b/EventLogCleaner/obj/x86/Release/EventLogCleaner.csproj.FileListAbsolute.txt
@@ -0,0 +1,4 @@
+C:\Cyberarms\Cyberarms-master\EventLogCleaner\bin\Release\EventLogCleaner.exe
+C:\Cyberarms\Cyberarms-master\EventLogCleaner\bin\Release\EventLogCleaner.pdb
+C:\Cyberarms\Cyberarms-master\EventLogCleaner\obj\x86\Release\EventLogCleaner.exe
+C:\Cyberarms\Cyberarms-master\EventLogCleaner\obj\x86\Release\EventLogCleaner.pdb
diff --git a/EventLogCleaner/obj/x86/Release/EventLogCleaner.exe b/EventLogCleaner/obj/x86/Release/EventLogCleaner.exe
new file mode 100644
index 0000000..ab29a8c
Binary files /dev/null and b/EventLogCleaner/obj/x86/Release/EventLogCleaner.exe differ
diff --git a/EventLogCleaner/obj/x86/Release/EventLogCleaner.pdb b/EventLogCleaner/obj/x86/Release/EventLogCleaner.pdb
new file mode 100644
index 0000000..5eef078
Binary files /dev/null and b/EventLogCleaner/obj/x86/Release/EventLogCleaner.pdb differ
diff --git a/MailServerTest/MailServerTest.csproj b/MailServerTest/MailServerTest.csproj
index ca29369..7d0201b 100644
--- a/MailServerTest/MailServerTest.csproj
+++ b/MailServerTest/MailServerTest.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>MailServerTest</RootNamespace>
     <AssemblyName>MailServerTest</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <TargetFrameworkProfile>Client</TargetFrameworkProfile>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
@@ -106,4 +106,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/MailServerTest/obj/x86/Release/.NETFramework,Version=v4.8,Profile=Client.AssemblyAttributes.cs b/MailServerTest/obj/x86/Release/.NETFramework,Version=v4.8,Profile=Client.AssemblyAttributes.cs
new file mode 100644
index 0000000..fc37109
--- /dev/null
+++ b/MailServerTest/obj/x86/Release/.NETFramework,Version=v4.8,Profile=Client.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8,Profile=Client", FrameworkDisplayName = "")]
diff --git a/MailServerTest/obj/x86/Release/MailServerTest.csproj.FileListAbsolute.txt b/MailServerTest/obj/x86/Release/MailServerTest.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..57256a1
--- /dev/null
+++ b/MailServerTest/obj/x86/Release/MailServerTest.csproj.FileListAbsolute.txt
@@ -0,0 +1,10 @@
+C:\Cyberarms\Cyberarms-master\MailServerTest\bin\Release\MailServerTest.exe
+C:\Cyberarms\Cyberarms-master\MailServerTest\bin\Release\MailServerTest.pdb
+C:\Cyberarms\Cyberarms-master\MailServerTest\bin\Release\Cyberarms.Agents.MailServer.dll
+C:\Cyberarms\Cyberarms-master\MailServerTest\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\MailServerTest\bin\Release\Cyberarms.Agents.MailServer.pdb
+C:\Cyberarms\Cyberarms-master\MailServerTest\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\MailServerTest\bin\Release\Cyberarms.IntrusionDetection.Api.xml
+C:\Cyberarms\Cyberarms-master\MailServerTest\obj\x86\Release\MailServerTest.exe
+C:\Cyberarms\Cyberarms-master\MailServerTest\obj\x86\Release\MailServerTest.pdb
+C:\Cyberarms\Cyberarms-master\MailServerTest\obj\x86\Release\MailServerTest.csprojResolveAssemblyReference.cache
diff --git a/README.md b/README.md
index 04a5a50..aacfe50 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,5 @@
 # Cyberarms
-IDDS is a free and open source intrusion detection and prevention system for Windows Server 2008 R2 and later. 
+IDDS is a free and open source intrusion detection and prevention system for Windows Server 2008 R2 and later. In this fork intruder IP blocking method has been shifted from Windows Defender Firewall based blocking to routing table based Blackhole Routing. Also this version is compatible with Windows Server 2022 and 2025.
 
 # Note
 
@@ -15,6 +15,10 @@ If you want the installer of the program (compiled version), then go here:
 
 https://github.com/EFTEC/Cyberarms/blob/master/Compiled/cyberarms.intrusiondetection.setup.x64_2.2.0.zip
 
+Installer for compiled binery of the forked version is available here:
+
+https://github.com/jaybratab/Cyberarms/blob/0a0f8f37c9875be927e701085cc04dd69ce7962a/Cyberarms-Release-2.2.0.zip
+
 
 
 
diff --git a/ReleasePackage/README.txt b/ReleasePackage/README.txt
new file mode 100644
index 0000000..a92bbd9
--- /dev/null
+++ b/ReleasePackage/README.txt
@@ -0,0 +1,23 @@
+============================================================
+Cyberarms Intrusion Detection and Prevention - Release 2.2.0
+============================================================
+
+This package contains the Cyberarms background service, administration
+console, and command line tools configured to use Null Routing based blocking.
+
+Prerequisites:
+- Windows Server 2008 R2, 2012, 2016, 2019, 2022, or 2025.
+- .NET Framework 4.8 or later installed.
+- Administrator privileges on the machine.
+
+Installation:
+1. Right-click on "install.bat" and select "Run as administrator".
+2. Confirm the UAC prompt.
+3. The installer will copy files to C:\Program Files\Cyberarms Intrusion Detection,
+   register and start the background service, and create desktop shortcuts.
+
+Uninstallation:
+1. Right-click on "uninstall.bat" and select "Run as administrator".
+2. Confirm the UAC prompt.
+3. The uninstaller will stop and remove the background service and clean up
+   all deployed files and shortcuts.
diff --git a/ReleasePackage/bin/Cyberarms.IntrusionDetection.Api.dll b/ReleasePackage/bin/Cyberarms.IntrusionDetection.Api.dll
new file mode 100644
index 0000000..aaff0d4
Binary files /dev/null and b/ReleasePackage/bin/Cyberarms.IntrusionDetection.Api.dll differ
diff --git a/ReleasePackage/bin/Cyberarms.IntrusionDetection.Shared.dll b/ReleasePackage/bin/Cyberarms.IntrusionDetection.Shared.dll
new file mode 100644
index 0000000..ab082a8
Binary files /dev/null and b/ReleasePackage/bin/Cyberarms.IntrusionDetection.Shared.dll differ
diff --git a/ReleasePackage/bin/Cyberarms.WebSecurity.dll b/ReleasePackage/bin/Cyberarms.WebSecurity.dll
new file mode 100644
index 0000000..cc45210
Binary files /dev/null and b/ReleasePackage/bin/Cyberarms.WebSecurity.dll differ
diff --git a/ReleasePackage/bin/CyberarmsIdsCmd.exe b/ReleasePackage/bin/CyberarmsIdsCmd.exe
new file mode 100644
index 0000000..04e1fdb
Binary files /dev/null and b/ReleasePackage/bin/CyberarmsIdsCmd.exe differ
diff --git a/ReleasePackage/bin/CyberarmsIdsCmd.exe.config b/ReleasePackage/bin/CyberarmsIdsCmd.exe.config
new file mode 100644
index 0000000..a1195e1
--- /dev/null
+++ b/ReleasePackage/bin/CyberarmsIdsCmd.exe.config
@@ -0,0 +1,14 @@
+<?xml version="1.0"?>
+<configuration>
+  <startup>
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
+  </startup>
+  <runtime>
+    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+      <dependentAssembly>
+        <assemblyIdentity name="System.Data.SQLite" publicKeyToken="db937bc2d44ff139" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="1.0.112.1" />
+      </dependentAssembly>
+    </assemblyBinding>
+  </runtime>
+</configuration>
diff --git a/ReleasePackage/bin/CyberarmsIdsService.exe b/ReleasePackage/bin/CyberarmsIdsService.exe
new file mode 100644
index 0000000..2b8864b
Binary files /dev/null and b/ReleasePackage/bin/CyberarmsIdsService.exe differ
diff --git a/ReleasePackage/bin/CyberarmsIdsService.exe.config b/ReleasePackage/bin/CyberarmsIdsService.exe.config
new file mode 100644
index 0000000..ddbae24
--- /dev/null
+++ b/ReleasePackage/bin/CyberarmsIdsService.exe.config
@@ -0,0 +1,16 @@
+<?xml version="1.0"?>
+<configuration>
+<startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/></startup>
+  <appSettings>
+    <add key="PluginConfigurationFilename" value="plugins.sxml"/>
+  </appSettings>
+  <runtime>
+    <loadFromRemoteSources enabled="true"/>
+    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+      <dependentAssembly>
+        <assemblyIdentity name="System.Data.SQLite" publicKeyToken="db937bc2d44ff139" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="1.0.112.1" />
+      </dependentAssembly>
+    </assemblyBinding>
+  </runtime>
+</configuration>
diff --git a/ReleasePackage/bin/EventLogCleaner.exe b/ReleasePackage/bin/EventLogCleaner.exe
new file mode 100644
index 0000000..ab29a8c
Binary files /dev/null and b/ReleasePackage/bin/EventLogCleaner.exe differ
diff --git a/ReleasePackage/bin/IntrusionDetectionAdmin.exe b/ReleasePackage/bin/IntrusionDetectionAdmin.exe
new file mode 100644
index 0000000..c589d0c
Binary files /dev/null and b/ReleasePackage/bin/IntrusionDetectionAdmin.exe differ
diff --git a/ReleasePackage/bin/IntrusionDetectionAdmin.exe.config b/ReleasePackage/bin/IntrusionDetectionAdmin.exe.config
new file mode 100644
index 0000000..661ac5a
--- /dev/null
+++ b/ReleasePackage/bin/IntrusionDetectionAdmin.exe.config
@@ -0,0 +1,13 @@
+<?xml version="1.0"?>
+<configuration>
+<startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/></startup>
+  <runtime>
+    <loadFromRemoteSources enabled="true"/>
+    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+      <dependentAssembly>
+        <assemblyIdentity name="System.Data.SQLite" publicKeyToken="db937bc2d44ff139" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="1.0.112.1" />
+      </dependentAssembly>
+    </assemblyBinding>
+  </runtime>
+</configuration>
diff --git a/ReleasePackage/bin/Plugins/Cyberarms.Agents.Bind9.dll b/ReleasePackage/bin/Plugins/Cyberarms.Agents.Bind9.dll
new file mode 100644
index 0000000..da54c30
Binary files /dev/null and b/ReleasePackage/bin/Plugins/Cyberarms.Agents.Bind9.dll differ
diff --git a/ReleasePackage/bin/Plugins/Cyberarms.Agents.FileMaker.dll b/ReleasePackage/bin/Plugins/Cyberarms.Agents.FileMaker.dll
new file mode 100644
index 0000000..9e26b44
Binary files /dev/null and b/ReleasePackage/bin/Plugins/Cyberarms.Agents.FileMaker.dll differ
diff --git a/ReleasePackage/bin/Plugins/Cyberarms.Agents.FtpServer.dll b/ReleasePackage/bin/Plugins/Cyberarms.Agents.FtpServer.dll
new file mode 100644
index 0000000..88cc51c
Binary files /dev/null and b/ReleasePackage/bin/Plugins/Cyberarms.Agents.FtpServer.dll differ
diff --git a/ReleasePackage/bin/Plugins/Cyberarms.Agents.MailServer.dll b/ReleasePackage/bin/Plugins/Cyberarms.Agents.MailServer.dll
new file mode 100644
index 0000000..b9a5aaa
Binary files /dev/null and b/ReleasePackage/bin/Plugins/Cyberarms.Agents.MailServer.dll differ
diff --git a/ReleasePackage/bin/Plugins/Cyberarms.Agents.MySql.dll b/ReleasePackage/bin/Plugins/Cyberarms.Agents.MySql.dll
new file mode 100644
index 0000000..322c302
Binary files /dev/null and b/ReleasePackage/bin/Plugins/Cyberarms.Agents.MySql.dll differ
diff --git a/ReleasePackage/bin/Plugins/Cyberarms.Agents.Smtp.dll b/ReleasePackage/bin/Plugins/Cyberarms.Agents.Smtp.dll
new file mode 100644
index 0000000..645b1a3
Binary files /dev/null and b/ReleasePackage/bin/Plugins/Cyberarms.Agents.Smtp.dll differ
diff --git a/ReleasePackage/bin/Plugins/Cyberarms.Agents.SqlServer.dll b/ReleasePackage/bin/Plugins/Cyberarms.Agents.SqlServer.dll
new file mode 100644
index 0000000..9823f81
Binary files /dev/null and b/ReleasePackage/bin/Plugins/Cyberarms.Agents.SqlServer.dll differ
diff --git a/ReleasePackage/bin/Plugins/Cyberarms.Agents.TerminalServer.dll b/ReleasePackage/bin/Plugins/Cyberarms.Agents.TerminalServer.dll
new file mode 100644
index 0000000..b6f022c
Binary files /dev/null and b/ReleasePackage/bin/Plugins/Cyberarms.Agents.TerminalServer.dll differ
diff --git a/ReleasePackage/bin/Plugins/Cyberarms.Agents.WebSecurity.dll b/ReleasePackage/bin/Plugins/Cyberarms.Agents.WebSecurity.dll
new file mode 100644
index 0000000..550c011
Binary files /dev/null and b/ReleasePackage/bin/Plugins/Cyberarms.Agents.WebSecurity.dll differ
diff --git a/ReleasePackage/bin/Plugins/Cyberarms.IntrusionDetection.Base.Plugins.dll b/ReleasePackage/bin/Plugins/Cyberarms.IntrusionDetection.Base.Plugins.dll
new file mode 100644
index 0000000..b3531ee
Binary files /dev/null and b/ReleasePackage/bin/Plugins/Cyberarms.IntrusionDetection.Base.Plugins.dll differ
diff --git a/ReleasePackage/bin/SQLite.Interop.dll b/ReleasePackage/bin/SQLite.Interop.dll
new file mode 100644
index 0000000..1e4490d
Binary files /dev/null and b/ReleasePackage/bin/SQLite.Interop.dll differ
diff --git a/ReleasePackage/bin/System.Data.SQLite.dll b/ReleasePackage/bin/System.Data.SQLite.dll
new file mode 100644
index 0000000..4f5314c
Binary files /dev/null and b/ReleasePackage/bin/System.Data.SQLite.dll differ
diff --git a/ReleasePackage/bin/iddsadmin.exe b/ReleasePackage/bin/iddsadmin.exe
new file mode 100644
index 0000000..faf3ce6
Binary files /dev/null and b/ReleasePackage/bin/iddsadmin.exe differ
diff --git a/ReleasePackage/bin/iddsadmin.exe.config b/ReleasePackage/bin/iddsadmin.exe.config
new file mode 100644
index 0000000..a1195e1
--- /dev/null
+++ b/ReleasePackage/bin/iddsadmin.exe.config
@@ -0,0 +1,14 @@
+<?xml version="1.0"?>
+<configuration>
+  <startup>
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
+  </startup>
+  <runtime>
+    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+      <dependentAssembly>
+        <assemblyIdentity name="System.Data.SQLite" publicKeyToken="db937bc2d44ff139" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="1.0.112.1" />
+      </dependentAssembly>
+    </assemblyBinding>
+  </runtime>
+</configuration>
diff --git a/ReleasePackage/install.bat b/ReleasePackage/install.bat
new file mode 100644
index 0000000..a001953
--- /dev/null
+++ b/ReleasePackage/install.bat
@@ -0,0 +1,8 @@
+@echo off
+net session >nul 2>&1
+if %errorLevel% == 0 (
+    powershell -NoProfile -ExecutionPolicy Bypass -File "%~dp0install.ps1"
+    pause
+) else (
+    powershell -Command "Start-Process cmd -ArgumentList '/c \"\"%~dp0install.bat\"\"' -Verb RunAs"
+)
diff --git a/ReleasePackage/install.ps1 b/ReleasePackage/install.ps1
new file mode 100644
index 0000000..2d99b84
--- /dev/null
+++ b/ReleasePackage/install.ps1
@@ -0,0 +1,90 @@
+$isAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
+if (-not $isAdmin) {
+    Write-Error "This installer requires Administrator privileges. Please run as Administrator."
+    Exit
+}
+
+$installDir = "C:\Program Files\Cyberarms Intrusion Detection"
+$serviceName = "Cyberarms Intrusion Detection"
+$displayName = "Cyberarms Intrusion Detection"
+$binPath = "$installDir\CyberarmsIdsService.exe"
+
+# 1. Stop and uninstall existing service if present
+$existingService = Get-Service $serviceName -ErrorAction SilentlyContinue
+if ($existingService) {
+    Write-Host "Stopping existing Cyberarms service..."
+    Stop-Service $serviceName -Force -ErrorAction SilentlyContinue
+    Start-Sleep -Seconds 2
+    Write-Host "Uninstalling existing Cyberarms service..."
+    $installUtil = "C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
+    if (Test-Path $installUtil) {
+        & $installUtil /u "$installDir\CyberarmsIdsService.exe" | Out-Null
+    } else {
+        & sc.exe delete $serviceName | Out-Null
+    }
+    Start-Sleep -Seconds 1
+}
+
+# 2. Copy files to Program Files
+Write-Host "Deploying files to $installDir..."
+if (-not (Test-Path $installDir)) {
+    New-Item -ItemType Directory -Path $installDir | Out-Null
+}
+$scriptPath = Split-Path -Parent $MyInvocation.MyCommand.Definition
+Copy-Item -Path "$scriptPath\bin\*" -Destination $installDir -Recurse -Force
+
+# 3. Create Windows Event Log source if missing
+Write-Host "Registering Event Log source..."
+try {
+    if (-not [System.Diagnostics.EventLog]::SourceExists("Cyberarms Intrusion Detection")) {
+        [System.Diagnostics.EventLog]::CreateEventSource("Cyberarms Intrusion Detection", "Cyberarms")
+    }
+} catch {
+    Write-Warning "Could not register Event Log source. Typically occurs if it is already partially registered: $_"
+}
+
+# 4. Register background service
+Write-Host "Registering background service..."
+$installUtil = "C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
+if (Test-Path $installUtil) {
+    & $installUtil $binPath | Out-Null
+} else {
+    New-Service -Name $serviceName -BinaryPathName $binPath -DisplayName $displayName -StartupType Automatic | Out-Null
+}
+
+# 5. Start the service
+Write-Host "Starting background service..."
+Start-Service $serviceName -ErrorAction SilentlyContinue
+
+# 6. Create Desktop and Start Menu Shortcuts
+Write-Host "Creating shortcuts..."
+try {
+    $wshShell = New-Object -ComObject WScript.Shell
+    
+    # Desktop
+    $desktopPath = [System.Environment]::GetFolderPath("Desktop")
+    $desktopShortcut = $wshShell.CreateShortcut("$desktopPath\Cyberarms Intrusion Detection.lnk")
+    $desktopShortcut.TargetPath = "$installDir\IntrusionDetectionAdmin.exe"
+    $desktopShortcut.WorkingDirectory = $installDir
+    $desktopShortcut.Description = "Cyberarms Intrusion Detection Admin Panel"
+    $desktopShortcut.IconLocation = "$installDir\IntrusionDetectionAdmin.exe, 0"
+    $desktopShortcut.Save()
+
+    # Start Menu
+    $startMenuPath = [System.Environment]::GetFolderPath("CommonPrograms")
+    $cyberarmsProgramsFolder = "$startMenuPath\Cyberarms Intrusion Detection"
+    if (-not (Test-Path $cyberarmsProgramsFolder)) {
+        New-Item -ItemType Directory -Path $cyberarmsProgramsFolder | Out-Null
+    }
+    $startShortcut = $wshShell.CreateShortcut("$cyberarmsProgramsFolder\Cyberarms Intrusion Detection.lnk")
+    $startShortcut.TargetPath = "$installDir\IntrusionDetectionAdmin.exe"
+    $startShortcut.WorkingDirectory = $installDir
+    $startShortcut.Description = "Cyberarms Intrusion Detection Admin Panel"
+    $startShortcut.IconLocation = "$installDir\IntrusionDetectionAdmin.exe, 0"
+    $startShortcut.Save()
+} catch {
+    Write-Warning "Failed to create shortcuts: $_"
+}
+
+Write-Host "`nInstallation Completed Successfully!"
+Write-Host "The Cyberarms background service is now running."
diff --git a/ReleasePackage/uninstall.bat b/ReleasePackage/uninstall.bat
new file mode 100644
index 0000000..9e9904f
--- /dev/null
+++ b/ReleasePackage/uninstall.bat
@@ -0,0 +1,8 @@
+@echo off
+net session >nul 2>&1
+if %errorLevel% == 0 (
+    powershell -NoProfile -ExecutionPolicy Bypass -File "%~dp0uninstall.ps1"
+    pause
+) else (
+    powershell -Command "Start-Process cmd -ArgumentList '/c \"\"%~dp0uninstall.bat\"\"' -Verb RunAs"
+)
diff --git a/ReleasePackage/uninstall.ps1 b/ReleasePackage/uninstall.ps1
new file mode 100644
index 0000000..71e8328
--- /dev/null
+++ b/ReleasePackage/uninstall.ps1
@@ -0,0 +1,61 @@
+$isAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
+if (-not $isAdmin) {
+    Write-Error "This uninstaller requires Administrator privileges. Please run as Administrator."
+    Exit
+}
+
+$installDir = "C:\Program Files\Cyberarms Intrusion Detection"
+$serviceName = "Cyberarms Intrusion Detection"
+$binPath = "$installDir\CyberarmsIdsService.exe"
+
+# 1. Stop and uninstall service
+$existingService = Get-Service $serviceName -ErrorAction SilentlyContinue
+if ($existingService) {
+    Write-Host "Stopping Cyberarms service..."
+    Stop-Service $serviceName -Force -ErrorAction SilentlyContinue
+    Start-Sleep -Seconds 2
+    
+    Write-Host "Uninstalling Cyberarms service..."
+    $installUtil = "C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
+    if (Test-Path $installUtil -and (Test-Path $binPath)) {
+        & $installUtil /u $binPath | Out-Null
+    } else {
+        & sc.exe delete $serviceName | Out-Null
+    }
+    Start-Sleep -Seconds 1
+}
+
+# 2. Delete Shortcuts
+Write-Host "Removing shortcuts..."
+$desktopPath = [System.Environment]::GetFolderPath("Desktop")
+$desktopLnk = "$desktopPath\Cyberarms Intrusion Detection.lnk"
+if (Test-Path $desktopLnk) {
+    Remove-Item $desktopLnk -Force
+}
+
+$startMenuPath = [System.Environment]::GetFolderPath("CommonPrograms")
+$cyberarmsProgramsFolder = "$startMenuPath\Cyberarms Intrusion Detection"
+if (Test-Path $cyberarmsProgramsFolder) {
+    Remove-Item $cyberarmsProgramsFolder -Recurse -Force
+}
+
+# 3. Delete event log source and log
+Write-Host "Removing Event Log source..."
+try {
+    if ([System.Diagnostics.EventLog]::SourceExists("Cyberarms Intrusion Detection")) {
+        [System.Diagnostics.EventLog]::DeleteEventSource("Cyberarms Intrusion Detection")
+    }
+    if ([System.Diagnostics.EventLog]::Exists("Cyberarms")) {
+        [System.Diagnostics.EventLog]::Delete("Cyberarms")
+    }
+} catch {
+    Write-Warning "Could not clean up Event Log source/log: $_"
+}
+
+# 4. Delete deployed files
+Write-Host "Removing application files from $installDir..."
+if (Test-Path $installDir) {
+    Remove-Item $installDir -Recurse -Force
+}
+
+Write-Host "`nUninstallation Completed Successfully!"
diff --git a/SqlServerAgentTest/SqlServerAgentTest.csproj b/SqlServerAgentTest/SqlServerAgentTest.csproj
index 69b175a..7b35f78 100644
--- a/SqlServerAgentTest/SqlServerAgentTest.csproj
+++ b/SqlServerAgentTest/SqlServerAgentTest.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>SqlServerAgentTest</RootNamespace>
     <AssemblyName>SqlServerAgentTest</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <TargetFrameworkProfile>Client</TargetFrameworkProfile>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
@@ -110,4 +110,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/SqlServerAgentTest/obj/x86/Release/.NETFramework,Version=v4.8,Profile=Client.AssemblyAttributes.cs b/SqlServerAgentTest/obj/x86/Release/.NETFramework,Version=v4.8,Profile=Client.AssemblyAttributes.cs
new file mode 100644
index 0000000..fc37109
--- /dev/null
+++ b/SqlServerAgentTest/obj/x86/Release/.NETFramework,Version=v4.8,Profile=Client.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8,Profile=Client", FrameworkDisplayName = "")]
diff --git a/SqlServerAgentTest/obj/x86/Release/SqlServerAgentTest.csproj.FileListAbsolute.txt b/SqlServerAgentTest/obj/x86/Release/SqlServerAgentTest.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..7d345a4
--- /dev/null
+++ b/SqlServerAgentTest/obj/x86/Release/SqlServerAgentTest.csproj.FileListAbsolute.txt
@@ -0,0 +1,10 @@
+C:\Cyberarms\Cyberarms-master\SqlServerAgentTest\bin\Release\SqlServerAgentTest.exe
+C:\Cyberarms\Cyberarms-master\SqlServerAgentTest\bin\Release\SqlServerAgentTest.pdb
+C:\Cyberarms\Cyberarms-master\SqlServerAgentTest\bin\Release\Cyberarms.Agents.SqlServer.dll
+C:\Cyberarms\Cyberarms-master\SqlServerAgentTest\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\SqlServerAgentTest\bin\Release\Cyberarms.Agents.SqlServer.pdb
+C:\Cyberarms\Cyberarms-master\SqlServerAgentTest\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\SqlServerAgentTest\bin\Release\Cyberarms.IntrusionDetection.Api.xml
+C:\Cyberarms\Cyberarms-master\SqlServerAgentTest\obj\x86\Release\SqlServerAgentTest.exe
+C:\Cyberarms\Cyberarms-master\SqlServerAgentTest\obj\x86\Release\SqlServerAgentTest.pdb
+C:\Cyberarms\Cyberarms-master\SqlServerAgentTest\obj\x86\Release\SqlServerAgentTest.csprojResolveAssemblyReference.cache
diff --git a/TlsSslTest/TlsSslTest.csproj b/TlsSslTest/TlsSslTest.csproj
index 637ea2f..cf5f0f7 100644
--- a/TlsSslTest/TlsSslTest.csproj
+++ b/TlsSslTest/TlsSslTest.csproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -10,7 +10,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>TlsSslTest</RootNamespace>
     <AssemblyName>TlsSslTest</AssemblyName>
-    <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <TargetFrameworkProfile>Client</TargetFrameworkProfile>
     <FileAlignment>512</FileAlignment>
     <SccProjectName>SAK</SccProjectName>
@@ -109,4 +109,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
\ No newline at end of file
+</Project>
diff --git a/TlsSslTest/obj/x86/Release/.NETFramework,Version=v4.8,Profile=Client.AssemblyAttributes.cs b/TlsSslTest/obj/x86/Release/.NETFramework,Version=v4.8,Profile=Client.AssemblyAttributes.cs
new file mode 100644
index 0000000..fc37109
--- /dev/null
+++ b/TlsSslTest/obj/x86/Release/.NETFramework,Version=v4.8,Profile=Client.AssemblyAttributes.cs
@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8,Profile=Client", FrameworkDisplayName = "")]
diff --git a/TlsSslTest/obj/x86/Release/TlsSslTest.csproj.FileListAbsolute.txt b/TlsSslTest/obj/x86/Release/TlsSslTest.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..ec27c37
--- /dev/null
+++ b/TlsSslTest/obj/x86/Release/TlsSslTest.csproj.FileListAbsolute.txt
@@ -0,0 +1,10 @@
+C:\Cyberarms\Cyberarms-master\TlsSslTest\bin\Release\TlsSslTest.exe
+C:\Cyberarms\Cyberarms-master\TlsSslTest\bin\Release\TlsSslTest.pdb
+C:\Cyberarms\Cyberarms-master\TlsSslTest\bin\Release\Cyberarms.Agents.TerminalServer.dll
+C:\Cyberarms\Cyberarms-master\TlsSslTest\bin\Release\Cyberarms.IntrusionDetection.Api.dll
+C:\Cyberarms\Cyberarms-master\TlsSslTest\bin\Release\Cyberarms.Agents.TerminalServer.pdb
+C:\Cyberarms\Cyberarms-master\TlsSslTest\bin\Release\Cyberarms.IntrusionDetection.Api.pdb
+C:\Cyberarms\Cyberarms-master\TlsSslTest\bin\Release\Cyberarms.IntrusionDetection.Api.xml
+C:\Cyberarms\Cyberarms-master\TlsSslTest\obj\x86\Release\TlsSslTest.exe
+C:\Cyberarms\Cyberarms-master\TlsSslTest\obj\x86\Release\TlsSslTest.pdb
+C:\Cyberarms\Cyberarms-master\TlsSslTest\obj\x86\Release\TlsSslTest.csprojResolveAssemblyReference.cache
diff --git a/build.log b/build.log
new file mode 100644
index 0000000..58db12f
Binary files /dev/null and b/build.log differ
diff --git a/build_admin.log b/build_admin.log
new file mode 100644
index 0000000..8eca29f
Binary files /dev/null and b/build_admin.log differ
diff --git a/build_framework.log b/build_framework.log
new file mode 100644
index 0000000..8cc9179
Binary files /dev/null and b/build_framework.log differ
diff --git a/install.bat b/install.bat
new file mode 100644
index 0000000..a001953
--- /dev/null
+++ b/install.bat
@@ -0,0 +1,8 @@
+@echo off
+net session >nul 2>&1
+if %errorLevel% == 0 (
+    powershell -NoProfile -ExecutionPolicy Bypass -File "%~dp0install.ps1"
+    pause
+) else (
+    powershell -Command "Start-Process cmd -ArgumentList '/c \"\"%~dp0install.bat\"\"' -Verb RunAs"
+)
diff --git a/install.log b/install.log
new file mode 100644
index 0000000..e69de29
diff --git a/install.ps1 b/install.ps1
new file mode 100644
index 0000000..2d99b84
--- /dev/null
+++ b/install.ps1
@@ -0,0 +1,90 @@
+$isAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
+if (-not $isAdmin) {
+    Write-Error "This installer requires Administrator privileges. Please run as Administrator."
+    Exit
+}
+
+$installDir = "C:\Program Files\Cyberarms Intrusion Detection"
+$serviceName = "Cyberarms Intrusion Detection"
+$displayName = "Cyberarms Intrusion Detection"
+$binPath = "$installDir\CyberarmsIdsService.exe"
+
+# 1. Stop and uninstall existing service if present
+$existingService = Get-Service $serviceName -ErrorAction SilentlyContinue
+if ($existingService) {
+    Write-Host "Stopping existing Cyberarms service..."
+    Stop-Service $serviceName -Force -ErrorAction SilentlyContinue
+    Start-Sleep -Seconds 2
+    Write-Host "Uninstalling existing Cyberarms service..."
+    $installUtil = "C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
+    if (Test-Path $installUtil) {
+        & $installUtil /u "$installDir\CyberarmsIdsService.exe" | Out-Null
+    } else {
+        & sc.exe delete $serviceName | Out-Null
+    }
+    Start-Sleep -Seconds 1
+}
+
+# 2. Copy files to Program Files
+Write-Host "Deploying files to $installDir..."
+if (-not (Test-Path $installDir)) {
+    New-Item -ItemType Directory -Path $installDir | Out-Null
+}
+$scriptPath = Split-Path -Parent $MyInvocation.MyCommand.Definition
+Copy-Item -Path "$scriptPath\bin\*" -Destination $installDir -Recurse -Force
+
+# 3. Create Windows Event Log source if missing
+Write-Host "Registering Event Log source..."
+try {
+    if (-not [System.Diagnostics.EventLog]::SourceExists("Cyberarms Intrusion Detection")) {
+        [System.Diagnostics.EventLog]::CreateEventSource("Cyberarms Intrusion Detection", "Cyberarms")
+    }
+} catch {
+    Write-Warning "Could not register Event Log source. Typically occurs if it is already partially registered: $_"
+}
+
+# 4. Register background service
+Write-Host "Registering background service..."
+$installUtil = "C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
+if (Test-Path $installUtil) {
+    & $installUtil $binPath | Out-Null
+} else {
+    New-Service -Name $serviceName -BinaryPathName $binPath -DisplayName $displayName -StartupType Automatic | Out-Null
+}
+
+# 5. Start the service
+Write-Host "Starting background service..."
+Start-Service $serviceName -ErrorAction SilentlyContinue
+
+# 6. Create Desktop and Start Menu Shortcuts
+Write-Host "Creating shortcuts..."
+try {
+    $wshShell = New-Object -ComObject WScript.Shell
+    
+    # Desktop
+    $desktopPath = [System.Environment]::GetFolderPath("Desktop")
+    $desktopShortcut = $wshShell.CreateShortcut("$desktopPath\Cyberarms Intrusion Detection.lnk")
+    $desktopShortcut.TargetPath = "$installDir\IntrusionDetectionAdmin.exe"
+    $desktopShortcut.WorkingDirectory = $installDir
+    $desktopShortcut.Description = "Cyberarms Intrusion Detection Admin Panel"
+    $desktopShortcut.IconLocation = "$installDir\IntrusionDetectionAdmin.exe, 0"
+    $desktopShortcut.Save()
+
+    # Start Menu
+    $startMenuPath = [System.Environment]::GetFolderPath("CommonPrograms")
+    $cyberarmsProgramsFolder = "$startMenuPath\Cyberarms Intrusion Detection"
+    if (-not (Test-Path $cyberarmsProgramsFolder)) {
+        New-Item -ItemType Directory -Path $cyberarmsProgramsFolder | Out-Null
+    }
+    $startShortcut = $wshShell.CreateShortcut("$cyberarmsProgramsFolder\Cyberarms Intrusion Detection.lnk")
+    $startShortcut.TargetPath = "$installDir\IntrusionDetectionAdmin.exe"
+    $startShortcut.WorkingDirectory = $installDir
+    $startShortcut.Description = "Cyberarms Intrusion Detection Admin Panel"
+    $startShortcut.IconLocation = "$installDir\IntrusionDetectionAdmin.exe, 0"
+    $startShortcut.Save()
+} catch {
+    Write-Warning "Failed to create shortcuts: $_"
+}
+
+Write-Host "`nInstallation Completed Successfully!"
+Write-Host "The Cyberarms background service is now running."
diff --git a/install_util.log b/install_util.log
new file mode 100644
index 0000000..0037b95
Binary files /dev/null and b/install_util.log differ
diff --git a/install_util_32.log b/install_util_32.log
new file mode 100644
index 0000000..2bbfe50
Binary files /dev/null and b/install_util_32.log differ
diff --git a/package.ps1 b/package.ps1
new file mode 100644
index 0000000..ac8baf6
--- /dev/null
+++ b/package.ps1
@@ -0,0 +1,114 @@
+$baseDir = "c:\Cyberarms\Cyberarms-master"
+$packageDir = "$baseDir\ReleasePackage"
+$binDir = "$packageDir\bin"
+$pluginsDir = "$binDir\Plugins"
+
+# Create clean packaging directories
+if (Test-Path $packageDir) {
+    Remove-Item $packageDir -Recurse -Force
+}
+New-Item -ItemType Directory -Path $packageDir | Out-Null
+New-Item -ItemType Directory -Path $binDir | Out-Null
+New-Item -ItemType Directory -Path $pluginsDir | Out-Null
+
+function Get-SourcePath($project, $file) {
+    $x86Path = "$baseDir\$project\bin\x86\Release\$file"
+    if (Test-Path $x86Path) { return $x86Path }
+    $anyCpuPath = "$baseDir\$project\bin\Release\$file"
+    if (Test-Path $anyCpuPath) { return $anyCpuPath }
+    return "$baseDir\$project\bin\Release 64-bit edition\$file"
+}
+
+# Copy main service binaries and dependencies
+Copy-Item (Get-SourcePath "Cyberarms.IntrusionDetection.Service" "CyberarmsIdsService.exe") -Destination $binDir
+$svcConfig = Get-SourcePath "Cyberarms.IntrusionDetection.Service" "CyberarmsIdsService.exe.config"
+if (Test-Path $svcConfig) {
+    Copy-Item $svcConfig -Destination $binDir
+} else {
+    Copy-Item "$baseDir\Cyberarms.IntrusionDetection.Service\app.config" -Destination "$binDir\CyberarmsIdsService.exe.config"
+}
+Copy-Item (Get-SourcePath "Cyberarms.IntrusionDetection.Service" "Cyberarms.IntrusionDetection.Api.dll") -Destination $binDir
+Copy-Item (Get-SourcePath "Cyberarms.IntrusionDetection.Service" "Cyberarms.IntrusionDetection.Shared.dll") -Destination $binDir
+
+# Copy Admin console
+Copy-Item (Get-SourcePath "Cyberarms.IDDS.Management" "iddsadmin.exe") -Destination $binDir
+Copy-Item "$baseDir\Cyberarms.IDDS.Management\app.config" -Destination "$binDir\iddsadmin.exe.config" -ErrorAction SilentlyContinue
+
+# Copy GUI Admin panel
+Copy-Item (Get-SourcePath "Cyberarms.IntrusionDetection.Admin" "IntrusionDetectionAdmin.exe") -Destination $binDir
+Copy-Item (Get-SourcePath "Cyberarms.IntrusionDetection.Admin" "IntrusionDetectionAdmin.exe.config") -Destination $binDir -ErrorAction SilentlyContinue
+
+# Copy CLI tool
+Copy-Item (Get-SourcePath "Cyberarms.IntrusionDetection.Cmd" "CyberarmsIdsCmd.exe") -Destination $binDir
+Copy-Item "$baseDir\Cyberarms.IntrusionDetection.Cmd\app.config" -Destination "$binDir\CyberarmsIdsCmd.exe.config" -ErrorAction SilentlyContinue
+
+# Copy SQLite assemblies
+Copy-Item "$baseDir\Dependencies\SQLite\System.Data.SQLite.dll" -Destination $binDir
+Copy-Item "$baseDir\Dependencies\SQLite\SQLite.Interop.dll" -Destination $binDir
+
+# Copy WebSecurity library
+Copy-Item "$baseDir\Cyberarms.WebSecurity\bin\Release\Cyberarms.WebSecurity.dll" -Destination $binDir
+
+# Copy Event Log Cleaner utility
+Copy-Item "$baseDir\EventLogCleaner\bin\Release\EventLogCleaner.exe" -Destination $binDir -ErrorAction SilentlyContinue
+
+# Copy Agent Plugins to the Plugins folder
+$agents = @(
+    "Bind9", "FileMaker", "FtpServer", "MailServer", "MySql", "Smtp", "SqlServer", "TerminalServer", "WebSecurity"
+)
+foreach ($agent in $agents) {
+    $agentProject = "Cyberarms.Agents.$agent"
+    $agentFile = "$agentProject.dll"
+    $sourcePath = Get-SourcePath $agentProject $agentFile
+    if (Test-Path $sourcePath) {
+        Copy-Item $sourcePath -Destination $pluginsDir
+    } else {
+        Write-Warning "Could not find built assembly for agent $agent at: $sourcePath"
+    }
+}
+Copy-Item (Get-SourcePath "Cyberarms.IntrusionDetection.Base" "Cyberarms.IntrusionDetection.Base.Plugins.dll") -Destination $pluginsDir
+
+
+# Copy installer scripts and batch files
+Copy-Item "$baseDir\install.ps1" -Destination $packageDir -ErrorAction SilentlyContinue
+Copy-Item "$baseDir\uninstall.ps1" -Destination $packageDir -ErrorAction SilentlyContinue
+Copy-Item "$baseDir\install.bat" -Destination $packageDir -ErrorAction SilentlyContinue
+Copy-Item "$baseDir\uninstall.bat" -Destination $packageDir -ErrorAction SilentlyContinue
+
+# Create a README
+$readmeText = @"
+============================================================
+Cyberarms Intrusion Detection and Prevention - Release 2.2.0
+============================================================
+
+This package contains the Cyberarms background service, administration
+console, and command line tools configured to use Null Routing based blocking.
+
+Prerequisites:
+- Windows Server 2008 R2, 2012, 2016, 2019, 2022, or 2025.
+- .NET Framework 4.8 or later installed.
+- Administrator privileges on the machine.
+
+Installation:
+1. Right-click on "install.bat" and select "Run as administrator".
+2. Confirm the UAC prompt.
+3. The installer will copy files to C:\Program Files\Cyberarms Intrusion Detection,
+   register and start the background service, and create desktop shortcuts.
+
+Uninstallation:
+1. Right-click on "uninstall.bat" and select "Run as administrator".
+2. Confirm the UAC prompt.
+3. The uninstaller will stop and remove the background service and clean up
+   all deployed files and shortcuts.
+"@
+$readmeText | Out-File -FilePath "$packageDir\README.txt" -Encoding utf8
+
+# Archive to zip
+$zipPath = "$baseDir\Cyberarms-Release-2.2.0.zip"
+if (Test-Path $zipPath) {
+    Remove-Item $zipPath -Force
+}
+Add-Type -AssemblyName System.IO.Compression.FileSystem
+[System.IO.Compression.ZipFile]::CreateFromDirectory($packageDir, $zipPath)
+
+Write-Host "Release package successfully created at: $zipPath"
diff --git a/rebuild_sln.log b/rebuild_sln.log
new file mode 100644
index 0000000..c2e4a6a
Binary files /dev/null and b/rebuild_sln.log differ
diff --git a/scratch/build_all.ps1 b/scratch/build_all.ps1
new file mode 100644
index 0000000..c2b26e5
--- /dev/null
+++ b/scratch/build_all.ps1
@@ -0,0 +1,44 @@
+$baseDir = "c:\Cyberarms\Cyberarms-master"
+$msbuild = "C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
+
+$projects = @(
+    "Cyberarms.IntrusionDetection.Api\Cyberarms.IntrusionDetection.Api.csproj",
+    "Cyberarms.IntrusionDetection.Shared\Cyberarms.IntrusionDetection.Shared.csproj",
+    "Cyberarms.WebSecurity\Cyberarms.WebSecurity.csproj",
+    "Cyberarms.IntrusionDetection.Base\Cyberarms.IntrusionDetection.Base.Plugins.csproj",
+    "Cyberarms.Agents.Bind9\Cyberarms.Agents.Bind9.csproj",
+    "Cyberarms.Agents.FileMaker\Cyberarms.Agents.FileMaker.csproj",
+    "Cyberarms.Agents.FtpServer\Cyberarms.Agents.FtpServer.csproj",
+    "Cyberarms.Agents.MailServer\Cyberarms.Agents.MailServer.csproj",
+    "Cyberarms.Agents.MySql\Cyberarms.Agents.MySql.csproj",
+    "Cyberarms.Agents.Smtp\Cyberarms.Agents.Smtp.csproj",
+    "Cyberarms.Agents.SqlServer\Cyberarms.Agents.SqlServer.csproj",
+    "Cyberarms.Agents.TerminalServer\Cyberarms.Agents.TerminalServer.csproj",
+    "Cyberarms.Agents.WebSecurity\Cyberarms.Agents.WebSecurity.csproj",
+    "Cyberarms.IntrusionDetection.Service\Cyberarms.IntrusionDetection.Service.csproj",
+    "Cyberarms.IntrusionDetection.Cmd\Cyberarms.IntrusionDetection.Cmd.csproj",
+    "Cyberarms.IDDS.Management\Cyberarms.IDDS.Management.csproj",
+    "EventLogCleaner\EventLogCleaner.csproj"
+)
+
+foreach ($proj in $projects) {
+    $path = Join-Path $baseDir $proj
+    $content = Get-Content $path -Raw
+    
+    $platform = "AnyCPU"
+    if ($content -match "Release\|x86") {
+        $platform = "x86"
+    }
+    
+    Write-Host "========================================"
+    Write-Host "Building $proj (Platform: $platform)"
+    Write-Host "========================================"
+    
+    & $msbuild $path /t:Rebuild /p:Configuration=Release /p:Platform=$platform
+    if ($LASTEXITCODE -ne 0) {
+        Write-Error "Failed to build $proj"
+        exit $LASTEXITCODE
+    }
+}
+
+Write-Host "All builds completed successfully!"
diff --git a/scratch/check_count.ps1 b/scratch/check_count.ps1
new file mode 100644
index 0000000..cac27fe
--- /dev/null
+++ b/scratch/check_count.ps1
@@ -0,0 +1,10 @@
+Add-Type -Path "C:\Program Files\Cyberarms Intrusion Detection\System.Data.SQLite.dll"
+$dbPath = "C:\Program Files\Cyberarms Intrusion Detection\cyberarms.idds.dbf"
+$connString = "Data Source=$dbPath;Password=hasdvfdfaxNm.DFd3djkn2li9fu24$;File Mode=read write;Pooling=True;"
+$connection = New-Object System.Data.SQLite.SQLiteConnection($connString)
+$connection.Open()
+$cmd = $connection.CreateCommand()
+$cmd.CommandText = "select count(*) from IntrusionLog"
+$result = $cmd.ExecuteScalar()
+Write-Host "Total Log Count: $result"
+$connection.Close()
diff --git a/scratch/check_index.ps1 b/scratch/check_index.ps1
new file mode 100644
index 0000000..ee4a78a
--- /dev/null
+++ b/scratch/check_index.ps1
@@ -0,0 +1,10 @@
+try {
+    $serviceDll = "C:\Program Files\Cyberarms Intrusion Detection\CyberarmsIdsService.exe"
+    $assembly = [System.Reflection.Assembly]::LoadFrom($serviceDll)
+    $fpmType = $assembly.GetType("Cyberarms.IntrusionDetection.FirewallPolicyManager")
+    $method = $fpmType.GetMethod("GetLoopbackInterfaceIndex", [System.Reflection.BindingFlags]::Static -bor [System.Reflection.BindingFlags]::NonPublic)
+    $res = $method.Invoke($null, $null)
+    Write-Host "Service loopback index returned: $res"
+} catch {
+    Write-Host $_.Exception.ToString()
+}
diff --git a/scratch/diagnose_packaged.ps1 b/scratch/diagnose_packaged.ps1
new file mode 100644
index 0000000..d75a787
--- /dev/null
+++ b/scratch/diagnose_packaged.ps1
@@ -0,0 +1,19 @@
+try {
+    $binDir = "C:\Cyberarms\Cyberarms-master\ReleasePackage\bin"
+    Write-Host "Loading System.Data.SQLite..."
+    [System.Reflection.Assembly]::LoadFrom("$binDir\System.Data.SQLite.dll") | Out-Null
+    
+    Write-Host "Loading Cyberarms.IntrusionDetection.Shared..."
+    [System.Reflection.Assembly]::LoadFrom("$binDir\Cyberarms.IntrusionDetection.Shared.dll") | Out-Null
+    
+    Write-Host "Instantiating Database via reflection..."
+    $db = [Activator]::CreateInstance([Cyberarms.IntrusionDetection.Shared.Database], $true)
+    Write-Host "Database instantiated successfully!"
+} catch {
+    Write-Host "EXCEPTION CAUGHT:"
+    Write-Host $_.Exception.ToString()
+    if ($_.Exception.InnerException) {
+        Write-Host "INNER EXCEPTION:"
+        Write-Host $_.Exception.InnerException.ToString()
+    }
+}
diff --git a/scratch/fix_csproj.ps1 b/scratch/fix_csproj.ps1
new file mode 100644
index 0000000..cc5536e
--- /dev/null
+++ b/scratch/fix_csproj.ps1
@@ -0,0 +1,5 @@
+$path = "c:\Cyberarms\Cyberarms-master\Cyberarms.IntrusionDetection.Admin\Cyberarms.IntrusionDetection.Admin.csproj"
+$enc1252 = [System.Text.Encoding]::GetEncoding(1252)
+$content = [System.IO.File]::ReadAllText($path, $enc1252)
+[System.IO.File]::WriteAllText($path, $content, [System.Text.Encoding]::UTF8)
+Write-Host "Encoding fixed successfully!"
diff --git a/scratch/insert_prod_test_log.ps1 b/scratch/insert_prod_test_log.ps1
new file mode 100644
index 0000000..151d27b
--- /dev/null
+++ b/scratch/insert_prod_test_log.ps1
@@ -0,0 +1,61 @@
+Start-Transcript -Path "c:\Cyberarms\insert_prod_test_log.log" -Force
+
+try {
+    Add-Type -Path "C:\Program Files\Cyberarms Intrusion Detection\System.Data.SQLite.dll"
+    
+    $dbPath = "C:\Program Files\Cyberarms Intrusion Detection\cyberarms.idds.dbf"
+    $connString = "Data Source=$dbPath;Password=hasdvfdfaxNm.DFd3djkn2li9fu24$;File Mode=read write;Pooling=True;"
+    
+    $connection = New-Object System.Data.SQLite.SQLiteConnection($connString)
+    $connection.Open()
+    
+    try {
+        $cmd = $connection.CreateCommand()
+        $cmd.CommandText = "insert into IntrusionLog (IncidentTime, AgentId, ClientIP, Action, ActionTriggeredByUser) values (@p0, @p1, @p2, @p3, @p4)"
+        
+        $p0 = $cmd.CreateParameter()
+        $p0.ParameterName = "@p0"
+        $p0.Value = [DateTime]::Now
+        $cmd.Parameters.Add($p0)
+        
+        $p1 = $cmd.CreateParameter()
+        $p1.ParameterName = "@p1"
+        $p1.Value = [Guid]::NewGuid()
+        $cmd.Parameters.Add($p1)
+        
+        $p2 = $cmd.CreateParameter()
+        $p2.ParameterName = "@p2"
+        $p2.Value = "1.2.3.4"
+        $cmd.Parameters.Add($p2)
+        
+        $p3 = $cmd.CreateParameter()
+        $p3.ParameterName = "@p3"
+        $p3.Value = 100
+        $cmd.Parameters.Add($p3)
+        
+        $p4 = $cmd.CreateParameter()
+        $p4.ParameterName = "@p4"
+        $p4.Value = $false
+        $cmd.Parameters.Add($p4)
+        
+        $cmd.ExecuteNonQuery()
+        $cmd.Dispose()
+        
+        # Get the new max ID
+        $cmd2 = $connection.CreateCommand()
+        $cmd2.CommandText = "select max(Id) from IntrusionLog"
+        $newMax = $cmd2.ExecuteScalar()
+        $cmd2.Dispose()
+        
+        Write-Host "Successfully inserted production test log! New Max ID: $newMax"
+    }
+    finally {
+        $connection.Close()
+    }
+}
+catch {
+    Write-Error $_.Exception.ToString()
+}
+finally {
+    Stop-Transcript
+}
diff --git a/scratch/insert_test_log.ps1 b/scratch/insert_test_log.ps1
new file mode 100644
index 0000000..a8a454b
--- /dev/null
+++ b/scratch/insert_test_log.ps1
@@ -0,0 +1,51 @@
+Add-Type -Path "C:\Program Files\Cyberarms Intrusion Detection\System.Data.SQLite.dll"
+
+$dbPath = "c:\Cyberarms\cyberarms.idds.dbf"
+$connString = "Data Source=$dbPath;Password=hasdvfdfaxNm.DFd3djkn2li9fu24$;File Mode=read write;Pooling=True;"
+
+$connection = New-Object System.Data.SQLite.SQLiteConnection($connString)
+$connection.Open()
+
+try {
+    $cmd = $connection.CreateCommand()
+    $cmd.CommandText = "insert into IntrusionLog (IncidentTime, AgentId, ClientIP, Action, ActionTriggeredByUser) values (@p0, @p1, @p2, @p3, @p4)"
+    
+    $p0 = $cmd.CreateParameter()
+    $p0.ParameterName = "@p0"
+    $p0.Value = [DateTime]::Now
+    $cmd.Parameters.Add($p0)
+    
+    $p1 = $cmd.CreateParameter()
+    $p1.ParameterName = "@p1"
+    $p1.Value = [Guid]::NewGuid()
+    $cmd.Parameters.Add($p1)
+    
+    $p2 = $cmd.CreateParameter()
+    $p2.ParameterName = "@p2"
+    $p2.Value = "1.2.3.4"
+    $cmd.Parameters.Add($p2)
+    
+    $p3 = $cmd.CreateParameter()
+    $p3.ParameterName = "@p3"
+    $p3.Value = 100
+    $cmd.Parameters.Add($p3)
+    
+    $p4 = $cmd.CreateParameter()
+    $p4.ParameterName = "@p4"
+    $p4.Value = $false
+    $cmd.Parameters.Add($p4)
+    
+    $cmd.ExecuteNonQuery()
+    $cmd.Dispose()
+    
+    # Get the new max ID
+    $cmd2 = $connection.CreateCommand()
+    $cmd2.CommandText = "select max(Id) from IntrusionLog"
+    $newMax = $cmd2.ExecuteScalar()
+    $cmd2.Dispose()
+    
+    Write-Host "Successfully inserted test log! New Max ID: $newMax"
+}
+finally {
+    $connection.Close()
+}
diff --git a/scratch/query_db.ps1 b/scratch/query_db.ps1
new file mode 100644
index 0000000..d57d92c
--- /dev/null
+++ b/scratch/query_db.ps1
@@ -0,0 +1,14 @@
+try {
+    [System.Reflection.Assembly]::LoadFrom("C:\Program Files\Cyberarms Intrusion Detection\System.Data.SQLite.dll") | Out-Null
+    $conn = New-Object System.Data.SQLite.SQLiteConnection("Data Source=C:\Program Files\Cyberarms Intrusion Detection\cyberarms.idds.dbf;Password=hasdvfdfaxNm.DFd3djkn2li9fu24$")
+    $conn.Open()
+    $cmd = $conn.CreateCommand()
+    $cmd.CommandText = "select * from SecurityAgents"
+    $adapter = New-Object System.Data.SQLite.SQLiteDataAdapter($cmd)
+    $dt = New-Object System.Data.DataTable
+    $adapter.Fill($dt) | Out-Null
+    $dt | Format-Table -AutoSize | Out-String | Out-File -FilePath "c:\Cyberarms\query_result.txt" -Encoding utf8
+    $conn.Close()
+} catch {
+    $_ | Out-File -FilePath "c:\Cyberarms\query_result.txt" -Encoding utf8
+}
diff --git a/scratch/read_security_log.ps1 b/scratch/read_security_log.ps1
new file mode 100644
index 0000000..c86376c
--- /dev/null
+++ b/scratch/read_security_log.ps1
@@ -0,0 +1 @@
+Get-EventLog -LogName Security -InstanceId 4625 -Newest 5 -ErrorAction SilentlyContinue | Format-List TimeGenerated, Message | Out-File -FilePath "c:\Cyberarms\security_result.txt" -Encoding utf8
diff --git a/scratch/test_db_updates.ps1 b/scratch/test_db_updates.ps1
new file mode 100644
index 0000000..c9ef80d
--- /dev/null
+++ b/scratch/test_db_updates.ps1
@@ -0,0 +1,28 @@
+Add-Type -Path "C:\Program Files\Cyberarms Intrusion Detection\System.Data.SQLite.dll"
+
+$dbPath = "c:\Cyberarms\cyberarms.idds.dbf"
+$connString = "Data Source=$dbPath;Password=hasdvfdfaxNm.DFd3djkn2li9fu24$;File Mode=read write;Pooling=True;"
+
+$connection = New-Object System.Data.SQLite.SQLiteConnection($connString)
+$connection.Open()
+
+Write-Host "Connection opened to $dbPath"
+Write-Host "Press Ctrl+C to stop."
+
+try {
+    while ($true) {
+        $cmd = $connection.CreateCommand()
+        $cmd.CommandText = "select max(Id) from IntrusionLog"
+        $result = $cmd.ExecuteScalar()
+        $cmd.Dispose()
+        
+        $timestamp = Get-Date -Format "HH:mm:ss"
+        Write-Host "[$timestamp] Max Log ID: $result"
+        
+        Start-Sleep -Seconds 1
+    }
+}
+finally {
+    $connection.Close()
+    Write-Host "Connection closed."
+}
diff --git a/scratch/test_indirect_route.ps1 b/scratch/test_indirect_route.ps1
new file mode 100644
index 0000000..dea0304
--- /dev/null
+++ b/scratch/test_indirect_route.ps1
@@ -0,0 +1,60 @@
+$code = @"
+using System;
+using System.Runtime.InteropServices;
+using System.Net;
+
+public class IndirectRouteTester {
+    [StructLayout(LayoutKind.Sequential)]
+    public struct MIB_IPFORWARDROW {
+        public uint dwForwardDest;
+        public uint dwForwardMask;
+        public uint dwForwardPolicy;
+        public uint dwForwardNextHop;
+        public uint dwForwardIfIndex;
+        public uint dwForwardType;
+        public uint dwForwardProto;
+        public uint dwForwardAge;
+        public uint dwForwardNextHopAS;
+        public uint dwForwardMetric1;
+        public uint dwForwardMetric2;
+        public uint dwForwardMetric3;
+        public uint dwForwardMetric4;
+        public uint dwForwardMetric5;
+    }
+
+    [DllImport("iphlpapi.dll", SetLastError = true)]
+    public static extern int CreateIpForwardEntry(ref MIB_IPFORWARDROW pRoute);
+
+    private static uint IpToUint(string ipAddress) {
+        IPAddress ip = IPAddress.Parse(ipAddress);
+        byte[] bytes = ip.GetAddressBytes();
+        return BitConverter.ToUInt32(bytes, 0);
+    }
+
+    public static void AddRoute(string destIp, uint type, string nextHop, uint ifIndex) {
+        MIB_IPFORWARDROW route = new MIB_IPFORWARDROW();
+        route.dwForwardDest = IpToUint(destIp);
+        route.dwForwardMask = 0xFFFFFFFF; // 255.255.255.255
+        route.dwForwardNextHop = IpToUint(nextHop);
+        route.dwForwardIfIndex = ifIndex;
+        route.dwForwardMetric1 = 99;
+        
+        route.dwForwardMetric2 = 0xFFFFFFFF;
+        route.dwForwardMetric3 = 0xFFFFFFFF;
+        route.dwForwardMetric4 = 0xFFFFFFFF;
+        route.dwForwardMetric5 = 0xFFFFFFFF;
+        
+        route.dwForwardProto = 3; // NetMgmt
+        route.dwForwardType = type; // 4 = Indirect
+        route.dwForwardAge = 0;
+        route.dwForwardPolicy = 0;
+        
+        int res = CreateIpForwardEntry(ref route);
+        Console.WriteLine("AddRoute Result: " + res);
+    }
+}
+"@
+
+Add-Type -TypeDefinition $code
+
+[IndirectRouteTester]::AddRoute("192.168.1.18", 4, "192.168.1.11", 5)
diff --git a/scratch/test_local_ip_routing.ps1 b/scratch/test_local_ip_routing.ps1
new file mode 100644
index 0000000..e313953
--- /dev/null
+++ b/scratch/test_local_ip_routing.ps1
@@ -0,0 +1,93 @@
+Start-Transcript -Path "c:\Cyberarms\test_local_result.txt" -Force
+
+$code = @"
+using System;
+using System.Runtime.InteropServices;
+using System.Net;
+using System.Net.NetworkInformation;
+
+public class RouteTesterLocal {
+    [StructLayout(LayoutKind.Sequential)]
+    public struct MIB_IPFORWARDROW {
+        public uint dwForwardDest;
+        public uint dwForwardMask;
+        public uint dwForwardPolicy;
+        public uint dwForwardNextHop;
+        public uint dwForwardIfIndex;
+        public uint dwForwardType;
+        public uint dwForwardProto;
+        public uint dwForwardAge;
+        public uint dwForwardNextHopAS;
+        public uint dwForwardMetric1;
+        public uint dwForwardMetric2;
+        public uint dwForwardMetric3;
+        public uint dwForwardMetric4;
+        public uint dwForwardMetric5;
+    }
+
+    [DllImport("iphlpapi.dll", SetLastError = true)]
+    public static extern int CreateIpForwardEntry(ref MIB_IPFORWARDROW pRoute);
+
+    [DllImport("iphlpapi.dll", SetLastError = true)]
+    public static extern int DeleteIpForwardEntry(ref MIB_IPFORWARDROW pRoute);
+
+    private static uint IpToUint(string ipAddress) {
+        IPAddress ip = IPAddress.Parse(ipAddress);
+        byte[] bytes = ip.GetAddressBytes();
+        return BitConverter.ToUInt32(bytes, 0);
+    }
+
+    public static void TestRoute(string destIp, uint type, string nextHop, uint ifIndex, uint proto, uint metric) {
+        MIB_IPFORWARDROW route = new MIB_IPFORWARDROW();
+        route.dwForwardDest = IpToUint(destIp);
+        route.dwForwardMask = 0xFFFFFFFF; // 255.255.255.255
+        route.dwForwardNextHop = IpToUint(nextHop);
+        route.dwForwardIfIndex = ifIndex;
+        route.dwForwardMetric1 = metric;
+        
+        route.dwForwardMetric2 = 0xFFFFFFFF;
+        route.dwForwardMetric3 = 0xFFFFFFFF;
+        route.dwForwardMetric4 = 0xFFFFFFFF;
+        route.dwForwardMetric5 = 0xFFFFFFFF;
+        
+        route.dwForwardProto = proto;
+        route.dwForwardType = type;
+        route.dwForwardAge = 0;
+        route.dwForwardPolicy = 0;
+        
+        int res = CreateIpForwardEntry(ref route);
+        Console.WriteLine("Dest={0}, If={1}, Type={2}, NextHop={3}, Proto={4}, Metric={5} -> Result={6}", destIp, ifIndex, type, nextHop, proto, metric, res);
+        
+        if (res == 0 || res == 5010) {
+            DeleteIpForwardEntry(ref route);
+            Console.WriteLine("  Successfully deleted test route.");
+        }
+    }
+}
+"@
+
+Add-Type -TypeDefinition $code
+
+$loopbackIf = 1
+$ethernetIf = 5 # from the route print
+
+Write-Host "Running local subnet IP parameter tests for 192.168.1.9..."
+Write-Host "--------------------------------------------------------"
+
+# Test 1: On Loopback
+Write-Host "Testing on Loopback Interface ($loopbackIf):"
+[RouteTesterLocal]::TestRoute("192.168.1.9", 3, "0.0.0.0", $loopbackIf, 3, 99)
+[RouteTesterLocal]::TestRoute("192.168.1.9", 4, "0.0.0.0", $loopbackIf, 3, 99)
+[RouteTesterLocal]::TestRoute("192.168.1.9", 3, "127.0.0.1", $loopbackIf, 3, 99)
+[RouteTesterLocal]::TestRoute("192.168.1.9", 4, "127.0.0.1", $loopbackIf, 3, 99)
+
+# Test 2: On Ethernet
+Write-Host "Testing on Ethernet Interface ($ethernetIf):"
+[RouteTesterLocal]::TestRoute("192.168.1.9", 3, "0.0.0.0", $ethernetIf, 3, 99)
+[RouteTesterLocal]::TestRoute("192.168.1.9", 4, "0.0.0.0", $ethernetIf, 3, 99)
+[RouteTesterLocal]::TestRoute("192.168.1.9", 3, "192.168.1.11", $ethernetIf, 3, 99)
+[RouteTesterLocal]::TestRoute("192.168.1.9", 4, "192.168.1.11", $ethernetIf, 3, 99)
+[RouteTesterLocal]::TestRoute("192.168.1.9", 3, "127.0.0.1", $ethernetIf, 3, 99)
+[RouteTesterLocal]::TestRoute("192.168.1.9", 4, "127.0.0.1", $ethernetIf, 3, 99)
+
+Stop-Transcript
diff --git a/scratch/test_metrics.ps1 b/scratch/test_metrics.ps1
new file mode 100644
index 0000000..a8c18eb
--- /dev/null
+++ b/scratch/test_metrics.ps1
@@ -0,0 +1,73 @@
+$code = @"
+using System;
+using System.Runtime.InteropServices;
+using System.Net;
+using System.Net.NetworkInformation;
+
+public class RouteTester3 {
+    [StructLayout(LayoutKind.Sequential)]
+    public struct MIB_IPFORWARDROW {
+        public uint dwForwardDest;
+        public uint dwForwardMask;
+        public uint dwForwardPolicy;
+        public uint dwForwardNextHop;
+        public uint dwForwardIfIndex;
+        public uint dwForwardType;
+        public uint dwForwardProto;
+        public uint dwForwardAge;
+        public uint dwForwardNextHopAS;
+        public uint dwForwardMetric1;
+        public uint dwForwardMetric2;
+        public uint dwForwardMetric3;
+        public uint dwForwardMetric4;
+        public uint dwForwardMetric5;
+    }
+
+    [DllImport("iphlpapi.dll", SetLastError = true)]
+    public static extern int CreateIpForwardEntry(ref MIB_IPFORWARDROW pRoute);
+
+    private static uint IpToUint(string ipAddress) {
+        IPAddress ip = IPAddress.Parse(ipAddress);
+        byte[] bytes = ip.GetAddressBytes();
+        return BitConverter.ToUInt32(bytes, 0);
+    }
+
+    public static uint GetLoopbackIndex() {
+        foreach (var ni in NetworkInterface.GetAllNetworkInterfaces()) {
+            if (ni.NetworkInterfaceType == NetworkInterfaceType.Loopback) {
+                var ipProps = ni.GetIPProperties();
+                var ipv4Props = ipProps.GetIPv4Properties();
+                if (ipv4Props != null) {
+                    return (uint)ipv4Props.Index;
+                }
+            }
+        }
+        return 1;
+    }
+
+    public static int TestMetric(uint metric) {
+        uint loopbackIndex = GetLoopbackIndex();
+        
+        MIB_IPFORWARDROW route = new MIB_IPFORWARDROW();
+        route.dwForwardDest = IpToUint("10.254.254.254");
+        route.dwForwardMask = 0xFFFFFFFF;
+        route.dwForwardNextHop = IpToUint("127.0.0.1");
+        route.dwForwardIfIndex = loopbackIndex;
+        route.dwForwardMetric1 = metric;
+        route.dwForwardProto = 3;
+        route.dwForwardType = 4;
+        
+        return CreateIpForwardEntry(ref route);
+    }
+}
+"@
+
+Add-Type -TypeDefinition $code
+
+Write-Host "Searching for valid metric range..."
+for ($m = 1; $m -le 100; $m++) {
+    $res = [RouteTester3]::TestMetric($m)
+    if ($res -ne 160) {
+        Write-Host "Metric $m -> Result $res"
+    }
+}
diff --git a/scratch/test_null_routing.ps1 b/scratch/test_null_routing.ps1
new file mode 100644
index 0000000..016a7d3
--- /dev/null
+++ b/scratch/test_null_routing.ps1
@@ -0,0 +1,62 @@
+$binDir = "C:\Program Files\Cyberarms Intrusion Detection"
+$serviceDll = Join-Path $binDir "CyberarmsIdsService.exe"
+
+try {
+    Write-Host "Loading CyberarmsIdsService assembly..."
+    $assembly = [System.Reflection.Assembly]::LoadFrom($serviceDll)
+    
+    # Get FirewallPolicyManager type
+    $fpmType = $assembly.GetType("Cyberarms.IntrusionDetection.FirewallPolicyManager")
+    if ($fpmType -eq $null) {
+        throw "Could not find FirewallPolicyManager type in assembly."
+    }
+    
+    # Get Instance singleton
+    $instanceProp = $fpmType.GetProperty("Instance", [System.Reflection.BindingFlags]::Static -bor [System.Reflection.BindingFlags]::NonPublic -bor [System.Reflection.BindingFlags]::Public)
+    $fpmInstance = $instanceProp.GetValue($null, $null)
+    if ($fpmInstance -eq $null) {
+        throw "Could not retrieve FirewallPolicyManager.Instance."
+    }
+    
+    # Get Block and Remove methods
+    $blockMethod = $fpmType.GetMethod("Block", [System.Reflection.BindingFlags]::Instance -bor [System.Reflection.BindingFlags]::NonPublic -bor [System.Reflection.BindingFlags]::Public)
+    $removeMethod = $fpmType.GetMethod("RemoveIpAddressFromBlockList", [System.Reflection.BindingFlags]::Instance -bor [System.Reflection.BindingFlags]::NonPublic -bor [System.Reflection.BindingFlags]::Public)
+    
+    $testIp = "10.254.254.254"
+    
+    Write-Host "1. Testing Block($testIp)..."
+    $blockMethod.Invoke($fpmInstance, @($testIp))
+    
+    Start-Sleep -Seconds 1
+    
+    Write-Host "Checking routing table for $testIp..."
+    $route = Get-NetRoute -DestinationPrefix "$testIp/32" -ErrorAction SilentlyContinue
+    if ($route) {
+        Write-Host "SUCCESS: Route found in routing table:" -ForegroundColor Green
+        $route | Format-Table DestinationPrefix, NextHop, InterfaceIndex, RouteMetric
+    } else {
+        Write-Host "FAILED: Route not found in routing table. (Ensure you are running this script in an elevated PowerShell session)" -ForegroundColor Red
+    }
+    
+    Write-Host "2. Testing RemoveIpAddressFromBlockList($testIp)..."
+    $removeMethod.Invoke($fpmInstance, @($testIp))
+    
+    Start-Sleep -Seconds 1
+    
+    Write-Host "Re-checking routing table for $testIp..."
+    $routeAfter = Get-NetRoute -DestinationPrefix "$testIp/32" -ErrorAction SilentlyContinue
+    if (-not $routeAfter) {
+        Write-Host "SUCCESS: Route successfully removed from routing table!" -ForegroundColor Green
+    } else {
+        Write-Host "FAILED: Route still exists in routing table." -ForegroundColor Red
+        $routeAfter | Format-Table DestinationPrefix, NextHop, InterfaceIndex, RouteMetric
+    }
+    
+} catch {
+    Write-Host "ERROR ENCOUNTERED:" -ForegroundColor Red
+    Write-Host $_.Exception.ToString()
+    if ($_.Exception.InnerException) {
+        Write-Host "INNER EXCEPTION:" -ForegroundColor Red
+        Write-Host $_.Exception.InnerException.ToString()
+    }
+}
diff --git a/scratch/test_params.ps1 b/scratch/test_params.ps1
new file mode 100644
index 0000000..b642b95
--- /dev/null
+++ b/scratch/test_params.ps1
@@ -0,0 +1,89 @@
+$code = @"
+using System;
+using System.Runtime.InteropServices;
+using System.Net;
+using System.Net.NetworkInformation;
+
+public class RouteTester {
+    [StructLayout(LayoutKind.Sequential)]
+    public struct MIB_IPFORWARDROW {
+        public uint dwForwardDest;
+        public uint dwForwardMask;
+        public uint dwForwardPolicy;
+        public uint dwForwardNextHop;
+        public uint dwForwardIfIndex;
+        public uint dwForwardType;
+        public uint dwForwardProto;
+        public uint dwForwardAge;
+        public uint dwForwardNextHopAS;
+        public uint dwForwardMetric1;
+        public uint dwForwardMetric2;
+        public uint dwForwardMetric3;
+        public uint dwForwardMetric4;
+        public uint dwForwardMetric5;
+    }
+
+    [DllImport("iphlpapi.dll", SetLastError = true)]
+    public static extern int CreateIpForwardEntry(ref MIB_IPFORWARDROW pRoute);
+
+    [DllImport("iphlpapi.dll", SetLastError = true)]
+    public static extern int DeleteIpForwardEntry(ref MIB_IPFORWARDROW pRoute);
+
+    private static uint IpToUint(string ipAddress) {
+        IPAddress ip = IPAddress.Parse(ipAddress);
+        byte[] bytes = ip.GetAddressBytes();
+        return BitConverter.ToUInt32(bytes, 0);
+    }
+
+    public static uint GetLoopbackIndex() {
+        foreach (var ni in NetworkInterface.GetAllNetworkInterfaces()) {
+            if (ni.NetworkInterfaceType == NetworkInterfaceType.Loopback) {
+                var ipProps = ni.GetIPProperties();
+                var ipv4Props = ipProps.GetIPv4Properties();
+                if (ipv4Props != null) {
+                    return (uint)ipv4Props.Index;
+                }
+            }
+        }
+        return 1;
+    }
+
+    public static void TestRoute(string ipStr, uint type, string nextHopStr, uint proto, uint metric) {
+        uint loopbackIndex = GetLoopbackIndex();
+        
+        MIB_IPFORWARDROW route = new MIB_IPFORWARDROW();
+        route.dwForwardDest = IpToUint(ipStr);
+        route.dwForwardMask = 0xFFFFFFFF; // 255.255.255.255
+        route.dwForwardNextHop = IpToUint(nextHopStr);
+        route.dwForwardIfIndex = loopbackIndex;
+        route.dwForwardMetric1 = metric;
+        route.dwForwardProto = proto;
+        route.dwForwardType = type;
+        route.dwForwardAge = 0;
+        route.dwForwardPolicy = 0;
+        
+        int res = CreateIpForwardEntry(ref route);
+        Console.WriteLine("Test: Type={0}, NextHop={1}, Proto={2}, Metric={3} -> Result={4}", type, nextHopStr, proto, metric, res);
+        
+        if (res == 0 || res == 5010) {
+            // Cleanup
+            DeleteIpForwardEntry(ref route);
+        }
+    }
+}
+"@
+
+Add-Type -TypeDefinition $code
+
+$testIp = "10.254.254.254"
+# Try combinations
+Write-Host "Running parameter test..."
+[RouteTester]::TestRoute($testIp, 3, "127.0.0.1", 3, 1) # Direct, 127.0.0.1, netmgmt
+[RouteTester]::TestRoute($testIp, 4, "127.0.0.1", 3, 1) # Indirect, 127.0.0.1, netmgmt
+[RouteTester]::TestRoute($testIp, 3, "0.0.0.0", 3, 1)   # Direct, 0.0.0.0, netmgmt
+[RouteTester]::TestRoute($testIp, 4, "0.0.0.0", 3, 1)   # Indirect, 0.0.0.0, netmgmt
+
+[RouteTester]::TestRoute($testIp, 3, "127.0.0.1", 2, 1) # Direct, 127.0.0.1, local
+[RouteTester]::TestRoute($testIp, 4, "127.0.0.1", 2, 1) # Indirect, 127.0.0.1, local
+[RouteTester]::TestRoute($testIp, 3, "127.0.0.1", 3, 99) # Direct, 127.0.0.1, netmgmt, metric 99
+[RouteTester]::TestRoute($testIp, 4, "127.0.0.1", 3, 99) # Indirect, 127.0.0.1, netmgmt, metric 99
diff --git a/scratch/test_params2.ps1 b/scratch/test_params2.ps1
new file mode 100644
index 0000000..9fc18d9
--- /dev/null
+++ b/scratch/test_params2.ps1
@@ -0,0 +1,96 @@
+$code = @"
+using System;
+using System.Runtime.InteropServices;
+using System.Net;
+using System.Net.NetworkInformation;
+
+public class RouteTester2 {
+    [StructLayout(LayoutKind.Sequential)]
+    public struct MIB_IPFORWARDROW {
+        public uint dwForwardDest;
+        public uint dwForwardMask;
+        public uint dwForwardPolicy;
+        public uint dwForwardNextHop;
+        public uint dwForwardIfIndex;
+        public uint dwForwardType;
+        public uint dwForwardProto;
+        public uint dwForwardAge;
+        public uint dwForwardNextHopAS;
+        public uint dwForwardMetric1;
+        public uint dwForwardMetric2;
+        public uint dwForwardMetric3;
+        public uint dwForwardMetric4;
+        public uint dwForwardMetric5;
+    }
+
+    [DllImport("iphlpapi.dll", SetLastError = true)]
+    public static extern int CreateIpForwardEntry(ref MIB_IPFORWARDROW pRoute);
+
+    [DllImport("iphlpapi.dll", SetLastError = true)]
+    public static extern int DeleteIpForwardEntry(ref MIB_IPFORWARDROW pRoute);
+
+    private static uint IpToUint(string ipAddress) {
+        IPAddress ip = IPAddress.Parse(ipAddress);
+        byte[] bytes = ip.GetAddressBytes();
+        return BitConverter.ToUInt32(bytes, 0);
+    }
+
+    public static uint GetLoopbackIndex() {
+        foreach (var ni in NetworkInterface.GetAllNetworkInterfaces()) {
+            if (ni.NetworkInterfaceType == NetworkInterfaceType.Loopback) {
+                var ipProps = ni.GetIPProperties();
+                var ipv4Props = ipProps.GetIPv4Properties();
+                if (ipv4Props != null) {
+                    return (uint)ipv4Props.Index;
+                }
+            }
+        }
+        return 1;
+    }
+
+    public static void TestRoute(string ipStr, uint type, string nextHopStr, uint proto, uint metric, bool setUnusedMetrics) {
+        uint loopbackIndex = GetLoopbackIndex();
+        
+        MIB_IPFORWARDROW route = new MIB_IPFORWARDROW();
+        route.dwForwardDest = IpToUint(ipStr);
+        route.dwForwardMask = 0xFFFFFFFF; // 255.255.255.255
+        route.dwForwardNextHop = IpToUint(nextHopStr);
+        route.dwForwardIfIndex = loopbackIndex;
+        route.dwForwardMetric1 = metric;
+        
+        if (setUnusedMetrics) {
+            route.dwForwardMetric2 = 0xFFFFFFFF;
+            route.dwForwardMetric3 = 0xFFFFFFFF;
+            route.dwForwardMetric4 = 0xFFFFFFFF;
+            route.dwForwardMetric5 = 0xFFFFFFFF;
+        } else {
+            route.dwForwardMetric2 = 0;
+            route.dwForwardMetric3 = 0;
+            route.dwForwardMetric4 = 0;
+            route.dwForwardMetric5 = 0;
+        }
+        
+        route.dwForwardProto = proto;
+        route.dwForwardType = type;
+        route.dwForwardAge = 0;
+        route.dwForwardPolicy = 0;
+        
+        int res = CreateIpForwardEntry(ref route);
+        Console.WriteLine("Test: Type={0}, NextHop={1}, Proto={2}, Metric={3}, SetUnused={4} -> Result={5}", type, nextHopStr, proto, metric, setUnusedMetrics, res);
+        
+        if (res == 0 || res == 5010) {
+            DeleteIpForwardEntry(ref route);
+        }
+    }
+}
+"@
+
+Add-Type -TypeDefinition $code
+
+$testIp = "10.254.254.254"
+Write-Host "Running parameter test with unused metrics set/unset..."
+[RouteTester2]::TestRoute($testIp, 3, "127.0.0.1", 3, 1, $false)
+[RouteTester2]::TestRoute($testIp, 3, "127.0.0.1", 3, 1, $true)
+[RouteTester2]::TestRoute($testIp, 4, "127.0.0.1", 3, 1, $true)
+[RouteTester2]::TestRoute($testIp, 3, "0.0.0.0", 3, 1, $true)
+[RouteTester2]::TestRoute($testIp, 4, "0.0.0.0", 3, 1, $true)
diff --git a/scratch/test_params_elevated.ps1 b/scratch/test_params_elevated.ps1
new file mode 100644
index 0000000..6dae77d
--- /dev/null
+++ b/scratch/test_params_elevated.ps1
@@ -0,0 +1,97 @@
+$code = @"
+using System;
+using System.Runtime.InteropServices;
+using System.Net;
+using System.Net.NetworkInformation;
+
+public class RouteTesterElevated {
+    [StructLayout(LayoutKind.Sequential)]
+    public struct MIB_IPFORWARDROW {
+        public uint dwForwardDest;
+        public uint dwForwardMask;
+        public uint dwForwardPolicy;
+        public uint dwForwardNextHop;
+        public uint dwForwardIfIndex;
+        public uint dwForwardType;
+        public uint dwForwardProto;
+        public uint dwForwardAge;
+        public uint dwForwardNextHopAS;
+        public uint dwForwardMetric1;
+        public uint dwForwardMetric2;
+        public uint dwForwardMetric3;
+        public uint dwForwardMetric4;
+        public uint dwForwardMetric5;
+    }
+
+    [DllImport("iphlpapi.dll", SetLastError = true)]
+    public static extern int CreateIpForwardEntry(ref MIB_IPFORWARDROW pRoute);
+
+    [DllImport("iphlpapi.dll", SetLastError = true)]
+    public static extern int DeleteIpForwardEntry(ref MIB_IPFORWARDROW pRoute);
+
+    private static uint IpToUint(string ipAddress) {
+        IPAddress ip = IPAddress.Parse(ipAddress);
+        byte[] bytes = ip.GetAddressBytes();
+        return BitConverter.ToUInt32(bytes, 0);
+    }
+
+    public static uint GetLoopbackIndex() {
+        foreach (var ni in NetworkInterface.GetAllNetworkInterfaces()) {
+            if (ni.NetworkInterfaceType == NetworkInterfaceType.Loopback) {
+                var ipProps = ni.GetIPProperties();
+                var ipv4Props = ipProps.GetIPv4Properties();
+                if (ipv4Props != null) {
+                    return (uint)ipv4Props.Index;
+                }
+            }
+        }
+        return 1;
+    }
+
+    public static void TestRoute(string destIp, uint type, string nextHop, uint proto, uint metric) {
+        uint loopbackIndex = GetLoopbackIndex();
+        
+        MIB_IPFORWARDROW route = new MIB_IPFORWARDROW();
+        route.dwForwardDest = IpToUint(destIp);
+        route.dwForwardMask = 0xFFFFFFFF; // 255.255.255.255
+        route.dwForwardNextHop = IpToUint(nextHop);
+        route.dwForwardIfIndex = loopbackIndex;
+        route.dwForwardMetric1 = metric;
+        
+        route.dwForwardMetric2 = 0xFFFFFFFF;
+        route.dwForwardMetric3 = 0xFFFFFFFF;
+        route.dwForwardMetric4 = 0xFFFFFFFF;
+        route.dwForwardMetric5 = 0xFFFFFFFF;
+        
+        route.dwForwardProto = proto;
+        route.dwForwardType = type;
+        route.dwForwardAge = 0;
+        route.dwForwardPolicy = 0;
+        
+        int res = CreateIpForwardEntry(ref route);
+        Console.WriteLine("Type={0}, NextHop={1}, Proto={2}, Metric={3} -> Result={4}", type, nextHop, proto, metric, res);
+        
+        if (res == 0 || res == 5010) {
+            DeleteIpForwardEntry(ref route);
+            Console.WriteLine("  Successfully deleted test route.");
+        }
+    }
+}
+"@
+
+Add-Type -TypeDefinition $code
+
+$testIp = "10.254.254.254"
+Write-Host "Running elevated parameter combinations test..."
+Write-Host "------------------------------------------------"
+[RouteTesterElevated]::TestRoute($testIp, 3, "127.0.0.1", 3, 99) # Direct, 127.0.0.1, netmgmt
+[RouteTesterElevated]::TestRoute($testIp, 4, "127.0.0.1", 3, 99) # Indirect, 127.0.0.1, netmgmt
+[RouteTesterElevated]::TestRoute($testIp, 3, "0.0.0.0", 3, 99)   # Direct, 0.0.0.0, netmgmt
+[RouteTesterElevated]::TestRoute($testIp, 4, "0.0.0.0", 3, 99)   # Indirect, 0.0.0.0, netmgmt
+
+Write-Host ""
+Write-Host "Trying local protocol (2)..."
+[RouteTesterElevated]::TestRoute($testIp, 3, "127.0.0.1", 2, 99) # Direct, 127.0.0.1, local
+[RouteTesterElevated]::TestRoute($testIp, 4, "127.0.0.1", 2, 99) # Indirect, 127.0.0.1, local
+[RouteTesterElevated]::TestRoute($testIp, 3, "0.0.0.0", 2, 99)   # Direct, 0.0.0.0, local
+[RouteTesterElevated]::TestRoute($testIp, 4, "0.0.0.0", 2, 99)   # Indirect, 0.0.0.0, local
diff --git a/uninstall.bat b/uninstall.bat
new file mode 100644
index 0000000..9e9904f
--- /dev/null
+++ b/uninstall.bat
@@ -0,0 +1,8 @@
+@echo off
+net session >nul 2>&1
+if %errorLevel% == 0 (
+    powershell -NoProfile -ExecutionPolicy Bypass -File "%~dp0uninstall.ps1"
+    pause
+) else (
+    powershell -Command "Start-Process cmd -ArgumentList '/c \"\"%~dp0uninstall.bat\"\"' -Verb RunAs"
+)
diff --git a/uninstall.ps1 b/uninstall.ps1
new file mode 100644
index 0000000..71e8328
--- /dev/null
+++ b/uninstall.ps1
@@ -0,0 +1,61 @@
+$isAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
+if (-not $isAdmin) {
+    Write-Error "This uninstaller requires Administrator privileges. Please run as Administrator."
+    Exit
+}
+
+$installDir = "C:\Program Files\Cyberarms Intrusion Detection"
+$serviceName = "Cyberarms Intrusion Detection"
+$binPath = "$installDir\CyberarmsIdsService.exe"
+
+# 1. Stop and uninstall service
+$existingService = Get-Service $serviceName -ErrorAction SilentlyContinue
+if ($existingService) {
+    Write-Host "Stopping Cyberarms service..."
+    Stop-Service $serviceName -Force -ErrorAction SilentlyContinue
+    Start-Sleep -Seconds 2
+    
+    Write-Host "Uninstalling Cyberarms service..."
+    $installUtil = "C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
+    if (Test-Path $installUtil -and (Test-Path $binPath)) {
+        & $installUtil /u $binPath | Out-Null
+    } else {
+        & sc.exe delete $serviceName | Out-Null
+    }
+    Start-Sleep -Seconds 1
+}
+
+# 2. Delete Shortcuts
+Write-Host "Removing shortcuts..."
+$desktopPath = [System.Environment]::GetFolderPath("Desktop")
+$desktopLnk = "$desktopPath\Cyberarms Intrusion Detection.lnk"
+if (Test-Path $desktopLnk) {
+    Remove-Item $desktopLnk -Force
+}
+
+$startMenuPath = [System.Environment]::GetFolderPath("CommonPrograms")
+$cyberarmsProgramsFolder = "$startMenuPath\Cyberarms Intrusion Detection"
+if (Test-Path $cyberarmsProgramsFolder) {
+    Remove-Item $cyberarmsProgramsFolder -Recurse -Force
+}
+
+# 3. Delete event log source and log
+Write-Host "Removing Event Log source..."
+try {
+    if ([System.Diagnostics.EventLog]::SourceExists("Cyberarms Intrusion Detection")) {
+        [System.Diagnostics.EventLog]::DeleteEventSource("Cyberarms Intrusion Detection")
+    }
+    if ([System.Diagnostics.EventLog]::Exists("Cyberarms")) {
+        [System.Diagnostics.EventLog]::Delete("Cyberarms")
+    }
+} catch {
+    Write-Warning "Could not clean up Event Log source/log: $_"
+}
+
+# 4. Delete deployed files
+Write-Host "Removing application files from $installDir..."
+if (Test-Path $installDir) {
+    Remove-Item $installDir -Recurse -Force
+}
+
+Write-Host "`nUninstallation Completed Successfully!"