Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-02 04:52:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

hardening

Browse source
This commit is contained in:
Marco Ochse 2018-05-19 19:13:03 +00:00
parent 779dc7fc7e
commit 48b8915689
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
docker/honeytrap/Dockerfile
View file

@ -13,6 +13,8 @@ RUN apt-get update -y && \
build-essential \ build-essential \
git \ git \
iptables \ iptables \
libcap2 \
libcap2-bin \
libnetfilter-queue1 \ libnetfilter-queue1 \
libnetfilter-queue-dev \ libnetfilter-queue-dev \
libjson-c-dev \ libjson-c-dev \
@ -42,6 +44,7 @@ RUN apt-get update -y && \
adduser --system --no-create-home --shell /bin/bash --uid 2000 --disabled-password --disabled-login --gid 2000 honeytrap && \ adduser --system --no-create-home --shell /bin/bash --uid 2000 --disabled-password --disabled-login --gid 2000 honeytrap && \
mkdir -p /opt/honeytrap/etc/honeytrap/ /opt/honeytrap/var/attacks /opt/honeytrap/var/downloads /opt/honeytrap/var/log && \ mkdir -p /opt/honeytrap/etc/honeytrap/ /opt/honeytrap/var/attacks /opt/honeytrap/var/downloads /opt/honeytrap/var/log && \
mv /root/dist/honeytrap.conf /opt/honeytrap/etc/honeytrap/ && \ mv /root/dist/honeytrap.conf /opt/honeytrap/etc/honeytrap/ && \
setcap cap_net_admin=+ep /opt/honeytrap/sbin/honeytrap && \
# Clean up # Clean up
rm -rf /root/* && \ rm -rf /root/* && \
@ -54,4 +57,5 @@ RUN apt-get update -y && \
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# Start honeytrap # Start honeytrap
USER honeytrap:honeytrap
CMD ["/opt/honeytrap/sbin/honeytrap", "-D", "-C", "/opt/honeytrap/etc/honeytrap/honeytrap.conf", "-P", "/tmp/honeytrap/honeytrap.pid", "-t", "5", "-u", "honeytrap", "-g", "honeytrap"] CMD ["/opt/honeytrap/sbin/honeytrap", "-D", "-C", "/opt/honeytrap/etc/honeytrap/honeytrap.conf", "-P", "/tmp/honeytrap/honeytrap.pid", "-t", "5", "-u", "honeytrap", "-g", "honeytrap"]