bProbe is a Snort IDS that is configured to run in packet logger mode. It can be installed on a pc and inserted at a key juncture in a network to monitor and collect network activity data. The data collected is sent to a central “receiver” server (not included), which is any software capable of interpreting IDS data such as Snort or its variants.
Positioning in the network
Multiple remote IDS Snort probes (bProbes) strategically placed throughout an enterprise network can be used to forward any detected security incidents to the primary database (the receiver/collector).
Typically the positioning of an IDS Snort probe will be at the ingress/egress interface point for a particular security zone.
A web GUI Interface to manage your probe
bProbe uses Snort, Barnyard2, and Pulled_Pork, which are provided pre-configured on a Linux Centos 64-bit CD to save you time and maintenance.
You simply need to provide the IP address of your monitoring server (receiver/collector) and bProbe is ready to start sending captured information.
bProbe automatically updates itself and it’s Sourcefire VRT Certified Rules when you define your registered user account in the web GUI.
Free Open Source Security Probe
Download bProbe ISO Image
Currently there is one popular way to install/deploy the bProbe Open Source Security Probe. Below is a quick step-by-step tutorial in PDF format for installing bProbe form the ISO image.