From 32e1e8a8ea4db4c5a7b508fa686259c067e1f0e0 Mon Sep 17 00:00:00 2001 From: t3chn0m4g3 Date: Mon, 20 Sep 2021 16:08:16 +0000 Subject: [PATCH] prep for rebuilding ciscoasa, elasticpot, honeypy --- docker/ciscoasa/Dockerfile | 2 +- docker/ciscoasa/docker-compose.yml | 2 +- docker/elasticpot/Dockerfile | 2 +- docker/elasticpot/docker-compose.yml | 2 +- docker/honeypy/Dockerfile | 38 +++++++++++++++------------- docker/honeypy/docker-compose.yml | 2 +- 6 files changed, 25 insertions(+), 23 deletions(-) diff --git a/docker/ciscoasa/Dockerfile b/docker/ciscoasa/Dockerfile index 07ee800f..49233257 100644 --- a/docker/ciscoasa/Dockerfile +++ b/docker/ciscoasa/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.13 +FROM alpine:3.14 # # Include dist ADD dist/ /root/dist/ diff --git a/docker/ciscoasa/docker-compose.yml b/docker/ciscoasa/docker-compose.yml index bb2a466f..bf85bc48 100644 --- a/docker/ciscoasa/docker-compose.yml +++ b/docker/ciscoasa/docker-compose.yml @@ -13,7 +13,7 @@ services: ports: - "5000:5000/udp" - "8443:8443" - image: "ghcr.io/telekom-security/ciscoasa:2006" + image: "dtagdevsec/ciscoasa:2006" read_only: true volumes: - /data/ciscoasa/log:/var/log/ciscoasa diff --git a/docker/elasticpot/Dockerfile b/docker/elasticpot/Dockerfile index 91bcaf12..6b399690 100644 --- a/docker/elasticpot/Dockerfile +++ b/docker/elasticpot/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.13 +FROM alpine:3.14 # # Include dist ADD dist/ /root/dist/ diff --git a/docker/elasticpot/docker-compose.yml b/docker/elasticpot/docker-compose.yml index e8d3e67d..16ce22cf 100644 --- a/docker/elasticpot/docker-compose.yml +++ b/docker/elasticpot/docker-compose.yml @@ -14,7 +14,7 @@ services: - elasticpot_local ports: - "9200:9200" - image: "ghcr.io/telekom-security/elasticpot:2006" + image: "dtagdevsec/elasticpot:2006" read_only: true volumes: - /data/elasticpot/log:/opt/elasticpot/log diff --git a/docker/honeypy/Dockerfile b/docker/honeypy/Dockerfile index e796f446..c9f1a39f 100644 --- a/docker/honeypy/Dockerfile +++ b/docker/honeypy/Dockerfile @@ -1,20 +1,20 @@ -FROM alpine:3.11 +FROM debian:buster-slim # # Include dist ADD dist/ /root/dist/ # # Install packages -RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ - apk -U --no-cache add \ - build-base \ +RUN apt-get update -y && \ + apt-get install -y \ + build-essential \ git \ - libcap \ - python2 \ - python2-dev \ - py2-pip && \ + libcap2-bin \ + python2 \ + python2-dev \ + python-pip && \ # # Install virtualenv - pip install --no-cache-dir virtualenv && \ + pip install --no-cache-dir virtualenv==20.4.7 && \ # # Clone honeypy from git git clone https://github.com/foospidy/HoneyPy /opt/honeypy && \ @@ -36,20 +36,22 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ /opt/honeypy/env/bin/pip install -r /opt/honeypy/requirements.txt && \ # # Setup user, groups and configs - addgroup -g 2000 honeypy && \ - adduser -S -H -s /bin/ash -u 2000 -D -g 2000 honeypy && \ + addgroup --gid 2000 honeypy && \ + adduser --system --no-create-home --shell /bin/bash --uid 2000 --disabled-password --disabled-login --gid 2000 honeypy && \ chown -R honeypy:honeypy /opt/honeypy && \ setcap cap_net_bind_service=+ep /opt/honeypy/env/bin/python && \ # # Clean up - apk del --purge build-base \ - git \ - python2-dev \ - py2-pip && \ - rm -rf /root/* && \ - rm -rf /var/cache/apk/* + apt-get purge -y \ + build-essential \ + git \ + python2-dev \ + python-pip && \ + apt-get autoremove --purge -y && \ + apt-get clean && \ + rm -rf /root/* /var/lib/apt/lists/* /tmp/* /var/tmp/* # -# Set workdir and start mailoney +# Set workdir and start honeypy USER honeypy:honeypy WORKDIR /opt/honeypy CMD ["/opt/honeypy/env/bin/python2", "/opt/honeypy/Honey.py", "-d"] diff --git a/docker/honeypy/docker-compose.yml b/docker/honeypy/docker-compose.yml index caa6c928..dd12fa2d 100644 --- a/docker/honeypy/docker-compose.yml +++ b/docker/honeypy/docker-compose.yml @@ -20,7 +20,7 @@ services: - "2324:2324" - "4096:4096" - "9200:9200" - image: "ghcr.io/telekom-security/honeypy:2006" + image: "dtagdevsec/honeypy:2006" read_only: true volumes: - /data/honeypy/log:/opt/honeypy/log