Quick Start Guide
Quick Start Guide
Get HookProbe protecting your network in under 5 minutes.
Prerequisites
Before you begin, ensure you have:
- Operating System: Ubuntu 22.04+, Debian 11+, or Raspberry Pi OS (Bookworm)
- Architecture: x86_64 or ARM64 (ARMv8)
- Minimum RAM: 1.5GB (Guardian), 4GB (Fortress), 16GB (Nexus)
- Kernel: Linux 5.4+ recommended for full XDP features
Installation
-
Clone the Repository
Terminal window git clone https://github.com/hookprobe/hookprobe.gitcd hookprobe -
Run the Bootstrap Installer
Terminal window sudo ./install.sh --tier guardianFor Raspberry Pi 4/5 with 1.5GB+ RAM. Creates a secure WiFi hotspot.
Terminal window sudo ./install.sh --tier fortress --enable-aiochiFor Intel N100/N200 mini PCs. Includes VLAN segmentation and full IDS/IPS.
Terminal window sudo ./install.sh --tier nexus --enable-gpu --enable-haFor datacenter servers. Includes ML training and ClickHouse analytics.
The installer will:
- Detect your environment (OS, architecture, kernel, NICs)
- Install dependencies (Podman, OVS, Python packages)
- Deploy systemd services
- Run initial provisioning
- Start the monitoring agent
-
Verify Installation
Terminal window # Check statushookprobe-ctl status# View logshookprobe-ctl logs -f# Check healthhookprobe-ctl health -
Access the Dashboard
For Guardian deployments:
- Connect to HookProbe-Guardian WiFi
- Open http://192.168.4.1:8080
For Fortress/Nexus:
- Access the web dashboard at your configured IP
What Happens During Installation
The installer performs a complete environment setup:
| Step | Description |
|---|---|
| Detection | Identifies OS, CPU architecture, kernel version, and network interfaces |
| Dependencies | Installs Podman, OpenVSwitch, Python packages, security tools |
| Directories | Creates /opt/hookprobe/, /etc/hookprobe/, /var/log/hookprobe/ |
| Services | Deploys systemd units for provision, agent, and update services |
| Provisioning | Configures network interfaces, XDP programs, firewall rules |
| Agent Start | Launches the monitoring daemon with QSecBit scoring |
Post-Installation
Enable Auto-Updates (Optional)
sudo hookprobe-ctl enable-autoupdateUpdates run weekly on Sundays at 3:00 AM with automatic rollback on failure.
Configure XDP DDoS Mitigation
# Edit systemd environmentsudo systemctl edit hookprobe-agent.service
# Add:[Service]Environment="XDP_ENABLED=true"
# Restartsudo systemctl daemon-reloadsudo systemctl restart hookprobe-agent.serviceVerify XDP is Active
# Check XDP program attachmentip link show | grep xdp
# View statisticshookprobe-ctl metrics | grep xdpService Management
| Command | Description |
|---|---|
hookprobe-ctl status | Show service status |
hookprobe-ctl start | Start all services |
hookprobe-ctl stop | Stop all services |
hookprobe-ctl restart | Restart all services |
hookprobe-ctl logs -f | Follow agent logs |
hookprobe-ctl health | Check health endpoints |
hookprobe-ctl metrics | View current metrics |
Health Endpoints
# Local health checkcurl http://localhost:8888/health
# Metrics in JSONcurl http://localhost:8888/metrics | jq .Troubleshooting
Services Won’t Start
# Check detailed statussystemctl status hookprobe-agent.service
# View error logsjournalctl -u hookprobe-agent.service --no-pager -n 50
# Re-run provisioningsudo systemctl start hookprobe-provision.servicePort Conflicts
# Check if port 8888 is in usesudo ss -tlnp | grep 8888Permission Issues
sudo chown -R root:root /opt/hookprobesudo chmod 755 /opt/hookprobeNext Steps
- Installation Details - Advanced installation options
- Configuration Guide - Customize your deployment
- CLI Reference - Full
hookprobe-ctldocumentation - Architecture Overview - Understand the 7-POD stack