From securityonline.info
The Cyberprobe project is an open-source distributed architecture for real-time monitoring of networks against attack. The software consists of two components:
- a probe, which collects data packets and forwards them over a network using standard streaming protocols.
- a monitor, which receives the streamed packets, decodes the protocols and interprets the information.
These components can be used together or separately. In a simple configuration, they can be run on the same host; in more complex environments, a number of probes can feed a single monitor.