cleaning up

bin/clean.sh

@@ -119,14 +119,6 @@ fuELK () {
   chown tpot:tpot /data/elk -R
 }
 
-# Let's create a function to clean up and prepare emobility data
-fuEMOBILITY () {
-  if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/emobility/*; fi
-  mkdir -p /data/emobility/log
-  chmod 760 /data/emobility -R
-  chown tpot:tpot /data/emobility -R
-}
-
 # Let's create a function to clean up and prepare glastopf data
 fuGLASTOPF () {
   if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/glastopf/*; fi
@@ -223,14 +215,6 @@ fuTANNER () {
   chown tpot:tpot -R /data/tanner
 }
 
-# Let's create a function to clean up and prepare vnclowpot data
-fuVNCLOWPOT () {
-  if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/vnclowpot/*; fi
-  mkdir -p /data/vnclowpot/log/
-  chmod 760 /data/vnclowpot/ -R
-  chown tpot:tpot /data/vnclowpot/ -R
-}
-
 # Avoid unwanted cleaning
 if [ "$myPERSISTENCE" = "" ];
   then
@@ -259,7 +243,6 @@ if [ "$myPERSISTENCE" = "on" ];
     fuDIONAEA
     fuELASTICPOT
     fuELK
-    fuEMOBILITY
     fuGLASTOPF
     fuGLUTTON
     fuHERALDING
@@ -272,5 +255,4 @@ if [ "$myPERSISTENCE" = "on" ];
     fuSURICATA
     fuP0F
     fuTANNER
-    fuVNCLOWPOT
   fi

etc/compose/industrial.yml

@@ -10,6 +10,7 @@ networks:
   conpot_local_kamstrup_382:
   cowrie_local:
   cyberchef_local:
+  heralding_local:
   medpot_local:
   rdpy_local:
   ewsposter_local:

etc/compose/legacy.yml

@@ -6,9 +6,9 @@ networks:
   cowrie_local:
   elasticpot_local:
   glastopf_local:
+  heralding_local:
   mailoney_local:
   rdpy_local:
-  vnclowpot_local:
   ewsposter_local:
   spiderfoot_local:
 
@@ -103,6 +103,32 @@ services:
      - /data/glastopf/db:/tmp/glastopf/db
      - /data/glastopf/log:/tmp/glastopf/log
 
+# Heralding service
+  heralding:
+    container_name: heralding
+    restart: always
+    tmpfs:
+     - /tmp/heralding:uid=2000,gid=2000
+    networks:
+     - heralding_local
+    ports:
+    # - "21:21"
+    # - "22:22"
+    # - "23:23"
+    # - "25:25"
+    # - "80:80"
+    # - "110:110"
+    # - "143:143"
+    # - "443:443"
+    # - "993:993"
+    # - "995:995"
+    # - "5432:5432"
+     - "5900:5900"
+    image: "dtagdevsec/heralding:1804"
+    read_only: true
+    volumes:
+     - /data/heralding/log:/var/log/heralding
+
 # Honeytrap service
   honeytrap:
     container_name: honeytrap
@@ -159,19 +185,6 @@ services:
     volumes:
      - /data/rdpy/log:/var/log/rdpy
 
-# Vnclowpot service
-  vnclowpot:
-    container_name: vnclowpot
-    restart: always
-    networks:
-     - vnclowpot_local
-    ports:
-     - "5900:5900"
-    image: "dtagdevsec/vnclowpot:1804"
-    read_only: true
-    volumes:
-     - /data/vnclowpot/log:/var/log/vnclowpot
-
 
 ##################
 #### NSM

etc/logrotate/logrotate.conf

@@ -13,8 +13,6 @@
 /data/dionaea/dionaea-errors.log
 /data/elasticpot/log/elasticpot.log
 /data/elk/log/*.log
-/data/emobility/log/centralsystem.log
-/data/emobility/log/centralsystemEWS.log
 /data/glastopf/log/glastopf.log
 /data/glastopf/db/glastopf.db
 /data/glutton/log/*.log
@@ -33,7 +31,6 @@
 /data/suricata/log/*.log
 /data/suricata/log/*.json
 /data/tanner/log/*.json
-/data/vnclowpot/log/vnclowpot.log
 {
 	su tpot tpot
         copytruncate

iso/installer/install.sh

@@ -706,8 +706,7 @@ mkdir -p /data/ciscoasa/log \
          /data/spiderfoot \
          /data/suricata/log /home/tsec/.ssh/ \
 	 /data/tanner/log /data/tanner/files \
-         /data/p0f/log \
+         /data/p0f/log 2>&1 | dialog --title "[ Creating some files and folders ]" $myPROGRESSBOXCONF
-         /data/vnclowpot/log 2>&1 | dialog --title "[ Creating some files and folders ]" $myPROGRESSBOXCONF
 touch /data/spiderfoot/spiderfoot.db 2>&1 | dialog --title "[ Creating some files and folders ]" $myPROGRESSBOXCONF
 touch /data/nginx/log/error.log  2>&1 | dialog --title "[ Creating some files and folders ]" $myPROGRESSBOXCONF