diff --git a/README.md b/README.md index 69926875..fd666e4d 100644 --- a/README.md +++ b/README.md @@ -181,6 +181,7 @@ During the installation and during the usage of T-Pot there are two different ty | Elasticvue | BasicAuth | `` | `` you chose during the installation of T-Pot. | | Geoip Attack Map | BasicAuth | `` | `` you chose during the installation of T-Pot. | | Spiderfoot | BasicAuth | `` | `` you chose during the installation of T-Pot. | +

# System Requirements @@ -192,7 +193,8 @@ Depending on the installation setup, edition, installing on [real hardware](#run | Standalone | 8-16GB | >=128GB SSD | RAM requirements depend on the edition, storage on how much data you want to persist. | | Hive | >=8GB | >=256GB SSD | As a rule of thumb, the more sensors & data, the more RAM and storage is needed. | | Hive_Sensor | >=8GB | >=128GB SSD | Since honeypot logs are persisted (/data) for 30 days, storage depends on attack volume. | -
+ +

Besides that all T-Pot installations will require ... - an IP address via DHCP @@ -233,7 +235,7 @@ Some users report working installations on other clouds and hosters, i.e. Azure Besides the ports generally needed by the OS, i.e. obtaining a DHCP lease, DNS, etc. T-Pot will require the following ports for incomding / outgoing connections. Review the [T-Pot Architecure](#technical-architecture) for a visual representation. Also some ports will show up as duplicates, which is fine since used in different editions. | Port | Protocol | Direction | Description | | :--- | :--- | :--- | :--- | -| 80, 443 | tcp | outgoing | T-Pot Management: Install, Updates, Logs (i.e. Debian,
GitHub, DockerHub, PyPi, Sicherheitstacho, etc. | +| 80, 443 | tcp | outgoing | T-Pot Management: Install, Updates, Logs (i.e. Debian, GitHub, DockerHub, PyPi, Sicherheitstacho, etc. | | 64294 | tcp | incoming | T-Pot Management: Access to Cockpit | | 64295 | tcp | incoming | T-Pot Management: Access to SSH | | 64297 | tcp | incoming | T-Pot Management Access to NGINX reverse proxy | @@ -241,17 +243,17 @@ Besides the ports generally needed by the OS, i.e. obtaining a DHCP lease, DNS, | 5000 | udp | incoming | Honeypot: CiscoASA | | 8443 | tcp | incoming | Honeypot: CiscoASA | | 443 | tcp | incoming | Honeypot: CitrixHoneypot | -| 80, 102, 502, 1025, 2404,
10001, 44818, 47808, 50100 | tcp | incoming | Honeypot: Conpot | +| 80, 102, 502, 1025, 2404, 10001, 44818, 47808, 50100 | tcp | incoming | Honeypot: Conpot | | 161, 623 | udp | incoming | Honeypot: Conpot | | 22, 23 | tcp | incoming | Honeypot: Cowrie | | 19, 53, 123, 1900 | udp| incoming | Honeypot: Ddospot | | 11112 | tcp | incoming | Honeypot: Dicompot | -| 21, 42, 135, 443, 445,
1433, 1723, 1883, 3306, 8081 | tcp | incoming | Honeypot: Dionaea | +| 21, 42, 135, 443, 445, 1433, 1723, 1883, 3306, 8081 | tcp | incoming | Honeypot: Dionaea | | 69 | udp | incoming | Honeypot: Dionaea | | 9200 | tcp | incoming | Honeypot: Elasticpot | | 22 | tcp | incoming | Honeypot: Endlessh | -| 21, 22, 23, 25, 80, 110, 143, 443,
993, 995, 1080, 5432, 5900 | tcp | incoming | Honeypot: Heralding | -| 21, 22, 23, 25, 80, 110, 143, 389,
443, 445, 1080, 1433, 1521,
3306, 5432, 5900, 6379,
8080, 9200, 11211 | tcp | incoming | Honeypot: qHoneypots | +| 21, 22, 23, 25, 80, 110, 143, 443, 993, 995, 1080, 5432, 5900 | tcp | incoming | Honeypot: Heralding | +| 21, 22, 23, 25, 80, 110, 143, 389, 443, 445, 1080, 1433, 1521, 3306, 5432, 5900, 6379, 8080, 9200, 11211 | tcp | incoming | Honeypot: qHoneypots | | 53, 123, 161| udp | incoming | Honeypot: qHoneypots | | 631 | tcp | incoming | Honeypot: IPPHoney | | 80, 443, 8080, 9200, 25565 | tcp | incoming | Honeypot: Log4Pot |