From 4e6f4fc9e85a0a12303c4e7d79943a865bf93add Mon Sep 17 00:00:00 2001
From: Marco Ochse
Date: Tue, 6 Jun 2017 22:32:49 +0000
Subject: [PATCH] finetuning add p0f change some defaults
---
 installer/bin/clean.sh | 9 +++++++++
 installer/bin/dps.sh | 1 -
 installer/etc/tpot/systemd/tpot.service | 2 +-
 installer/install.sh | 1 +
 4 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/installer/bin/clean.sh b/installer/bin/clean.sh
index 8cc61381..17976775 100755
--- a/installer/bin/clean.sh
+++ b/installer/bin/clean.sh
@@ -94,6 +94,14 @@ fuSURICATA () {
 chown tpot:tpot -R /data/suricata
 }
+# Let's create a function to clean up and prepare p0f data
+fuP0F () {
+ rm -rf /data/p0f/*
+ mkdir -p /data/p0f/log
+ chmod 760 -R /data/p0f
+ chown tpot:tpot -R /data/p0f
+}
+
 fuCONPOT
 fuCOWRIE
 fuDIONAEA
@@ -104,3 +112,4 @@ fuGLASTOPF
 fuHONEYTRAP
 fuSPIDERFOOT
 fuSURICATA
+fuP0F
diff --git a/installer/bin/dps.sh b/installer/bin/dps.sh
index 535b10ad..afde929c 100755
--- a/installer/bin/dps.sh
+++ b/installer/bin/dps.sh
@@ -10,7 +10,6 @@ stty -echo -icanon time 0 min 0
 myIMAGES=$(cat /etc/tpot/tpot.yml | grep container_name | cut -d: -f2)
 while true
 do
- clear
 echo ""
 echo "======| System |======"
 echo Date:" "$(date)
diff --git a/installer/etc/tpot/systemd/tpot.service b/installer/etc/tpot/systemd/tpot.service
index a8caff02..2523261d 100644
--- a/installer/etc/tpot/systemd/tpot.service
+++ b/installer/etc/tpot/systemd/tpot.service
@@ -39,7 +39,7 @@ ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 1025,50100,
 ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE
 # Compose T-Pot up
-ExecStart=/usr/local/bin/docker-compose -f /etc/tpot/tpot.yml up
+ExecStart=/usr/local/bin/docker-compose -f /etc/tpot/tpot.yml up --no-color
 # Compose T-Pot down, remove containers and volumes
 ExecStop=/usr/local/bin/docker-compose -f /etc/tpot/tpot.yml down -v
diff --git a/installer/install.sh b/installer/install.sh
index 1b3a03dc..ea8e3ed1 100755
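Review bot: In the new fuP0F function of installer/bin/clean.sh, `chmod 760 -R /data/p0f` applies one numeric mode to directories and files alike, so the group gets read/write on /data/p0f and /data/p0f/log without the search (x) bit and cannot actually open or create entries there. If group access is intended, a symbolic mode that grants execute only on directories expresses it correctly: `chmod -R u=rwX,g=rwX,o= /data/p0f`; if it is not intended, `u=rwX,go=` is tighter. Separately, `rm -rf /data/p0f/*` does not match dotfiles, so hidden entries survive the clean-up and are then re-owned to tpot by the following `chown`. The single visible line of fuSURICATA suggests the other fu* functions follow the same pattern, but their bodies are outside this hunk.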
--- a/installer/install.sh
+++ b/installer/install.sh
@@ -445,6 +445,7 @@ mkdir -p /data/conpot/log \
 /data/ews/conf \
 /data/spiderfoot \
 /data/suricata/log /home/tsec/.ssh/ \
+ /data/p0f/log \
 /etc/tpot/elk /etc/tpot/compose /etc/tpot/systemd \
 /usr/share/tpot/bin 2>&1 | dialog --title "[ Creating some files and folders ]" $myPROGRESSBOXCONF
 touch /data/spiderfoot/spiderfoot.db 2>&1 | dialog --title "[ Creating some files and folders ]" $myPROGRESSBOXCONF