t3chn0m4g3 2024-02-28 21:05:03 +01:00
parent be74fc75ca
commit 519a101fdf
10 changed files with 37 additions and 36 deletions


@ -3,7 +3,7 @@ import sys
import time import time
if len(sys.argv) != 3: if len(sys.argv) != 3:
print("Usage: script.py <PID> <CPU_USAGE_THRESHOLD>") print("Usage: cpu_check.py <PID> <CPU_USAGE_THRESHOLD>")
sys.exit(1) sys.exit(1)
try: try:


@ -3,7 +3,7 @@ import sys
import time import time
if len(sys.argv) != 3: if len(sys.argv) != 3:
print("Usage: script.py <PID> <CPU_USAGE_THRESHOLD>") print("Usage: cpu_check.py <PID> <CPU_USAGE_THRESHOLD>")
sys.exit(1) sys.exit(1)
try: try:


@ -40,7 +40,6 @@ RUN ARCH=$(arch) && \
python3-boto3 \ python3-boto3 \
python3-bson \ python3-bson \
python3-yaml \ python3-yaml \
python3-psutil \
fonts-liberation && \ fonts-liberation && \
# #
# Get and install dionaea # Get and install dionaea
@ -96,6 +95,7 @@ RUN ARCH=$(arch) && \
python3 \ python3 \
python3-boto3 \ python3-boto3 \
python3-bson \ python3-bson \
python3-psutil \
python3-yaml \ python3-yaml \
libcurl4 \ libcurl4 \
libemu2 \ libemu2 \


@ -3,7 +3,7 @@ import sys
import time import time
if len(sys.argv) != 3: if len(sys.argv) != 3:
print("Usage: script.py <PID> <CPU_USAGE_THRESHOLD>") print("Usage: cpu_check.py <PID> <CPU_USAGE_THRESHOLD>")
sys.exit(1) sys.exit(1)
try: try:


@ -19,4 +19,4 @@ services:
image: "dtagdevsec/endlessh:alpha" image: "dtagdevsec/endlessh:alpha"
read_only: true read_only: true
volumes: volumes:
- /data/endlessh/log:/var/log/endlessh - $HOME/tpotce/data/endlessh/log:/var/log/endlessh
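Review bot: The new bind mount `$HOME/tpotce/data/endlessh/log:/var/log/endlessh` is interpolated by Compose from the environment of whoever invokes it, so the log directory moves when the stack is started by root, through sudo, or from a service unit whose HOME differs from the installing user's. If HOME is unset Compose substitutes an empty string, and if the resolved path does not exist Docker creates it owned by root, so honeypot logs can silently land where nothing collects them. The same pattern is introduced in the ewsposter and tpotinit compose files of this commit. Consider a single explicit variable that fails loudly when missing, for example `${DATA_DIR:?set in .env}/endlessh/log:/var/log/endlessh` (variable name is illustrative).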


@ -1,29 +1,30 @@
FROM alpine:3.17 FROM alpine:3.19
# #
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Install packages # Install packages
RUN apk -U --no-cache add \ RUN apk -U --no-cache add \
build-base \ build-base \
git \ git \
libffi-dev \ libffi-dev \
libssl1.1 \ libssl3 \
openssl-dev \ openssl-dev \
python3 \ python3 \
python3-dev \ python3-dev \
py3-cffi \ py3-cffi \
py3-cryptography \ py3-cryptography \
py3-ipaddress \ py3-ipaddress \
py3-lxml \ py3-lxml \
py3-mysqlclient \ py3-mysqlclient \
py3-openssl \ py3-openssl \
py3-requests \ py3-requests \
py3-pip \ py3-pip \
py3-setuptools \ py3-setuptools \
py3-wheel && \ py3-wheel && \
pip3 install --upgrade pip && \ pip3 install --break-system-packages --upgrade pip && \
pip3 install --no-cache-dir configparser hpfeeds3 influxdb influxdb-client xmljson && \ pip3 install --break-system-packages --no-cache-dir configparser hpfeeds3 influxdb influxdb-client xmljson && \
# #
# Setup ewsposter # Setup ewsposter
git clone https://github.com/telekom-security/ewsposter -b v1.25.0 /opt/ewsposter && \ git clone https://github.com/telekom-security/ewsposter -b v1.25.0 /opt/ewsposter && \
@ -41,10 +42,10 @@ RUN apk -U --no-cache add \
# #
# Clean up # Clean up
apk del build-base \ apk del build-base \
git \ git \
openssl-dev \ openssl-dev \
python3-dev \ python3-dev \
py-setuptools && \ py-setuptools && \
rm -rf /root/* /var/cache/apk/* /opt/ewsposter/.git rm -rf /root/* /var/cache/apk/* /opt/ewsposter/.git
# #
# Run ewsposter # Run ewsposter
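Review bot: The two `pip3 install --break-system-packages` lines in the first hunk install whatever versions PyPI serves at build time into the system site-packages, with no version pins or hashes. With the PEP 668 guard overridden, resolving dependencies for `hpfeeds3`, `influxdb` or `influxdb-client` can also replace modules that apk installed just above (for example `py3-requests`), so the image content is not reproducible from this file. Pin each package, e.g. `hpfeeds3==<PINNED_VERSION>`, or install from a requirements file with `--require-hashes`, and drop the `pip3 install --upgrade pip` self-upgrade in favour of the apk-managed `py3-pip`. Separately, the cleanup hunk deletes `py-setuptools` while the install list names `py3-setuptools`; it is worth confirming that name still resolves on alpine 3.19.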


@ -21,11 +21,9 @@ services:
- EWS_HPFEEDS_CHANNELS=channels - EWS_HPFEEDS_CHANNELS=channels
- EWS_HPFEEDS_IDENT=user - EWS_HPFEEDS_IDENT=user
- EWS_HPFEEDS_SECRET=secret - EWS_HPFEEDS_SECRET=secret
- EWS_HPFEEDS_TLSCERT=/opt/ewsposter/ca.pem - EWS_HPFEEDS_TLSCERT=false
- EWS_HPFEEDS_FORMAT=json - EWS_HPFEEDS_FORMAT=json
env_file:
- /opt/tpot/etc/compose/elk_environment
image: "dtagdevsec/ewsposter:alpha" image: "dtagdevsec/ewsposter:alpha"
volumes: volumes:
- /data:/data - $HOME/tpotce/data:/data
# - /data/ews/conf/ews.ip:/opt/ewsposter/ews.ip - $HOME/tpotce/data/ews/conf/ews.ip:/opt/ewsposter/ews.ip
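Review bot: `EWS_HPFEEDS_TLSCERT=false` replaces the CA file path, and if ewsposter reads that value as "no TLS" or "no certificate check" then `EWS_HPFEEDS_IDENT` and `EWS_HPFEEDS_SECRET` reach the broker without server authentication whenever hpfeeds is enabled; how the value is parsed is not visible in this hunk. A comment on that line would make the trade-off explicit, e.g. `# CA bundle for the hpfeeds broker; "false" disables it (confirm against ewsposter), set a path for remote brokers`. The last line also turns the previously commented `ews.ip` mount into an active one. With the short volume syntax Docker creates a directory at the host path when the file is missing, which then shadows `/opt/ewsposter/ews.ip` with a directory, so either keep it commented or document that the file must exist before the stack is started.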


@ -41,6 +41,7 @@ RUN apk --no-cache -U add \
# #
# Run tpotinit # Run tpotinit
WORKDIR /opt/tpot WORKDIR /opt/tpot
HEALTHCHECK --interval=5m --timeout=30s --retries=3 CMD pgrep -f autoheal || exit 1 #HEALTHCHECK --interval=5s --timeout=30s --retries=3 CMD pgrep -f autoheal || exit 1
HEALTHCHECK --retries=1000 --interval=5s CMD test -f /tmp/success || exit 1
STOPSIGNAL SIGKILL STOPSIGNAL SIGKILL
CMD ["/opt/tpot/entrypoint.sh"] CMD ["/opt/tpot/entrypoint.sh"]
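Review bot: The new `HEALTHCHECK --retries=1000 --interval=5s CMD test -f /tmp/success || exit 1` only reports that the entrypoint once reached its `touch`, so after start-up the container stays healthy regardless of what happens to the processes it launched. With 1000 retries at 5 s, an init that never completes is also not marked unhealthy for roughly 83 minutes. If the marker is meant as a start-up gate, `--start-period` expresses that directly, e.g. `HEALTHCHECK --start-period=<STARTUP_BUDGET> --interval=5s --retries=3 CMD test -f /tmp/success || exit 1`. The commented-out `#HEALTHCHECK` line is better deleted than kept, since version control already holds the old probe.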


@ -300,6 +300,7 @@ echo
figlet "Starting ..." figlet "Starting ..."
figlet "T-Pot: ${TPOT_VERSION}" figlet "T-Pot: ${TPOT_VERSION}"
echo echo
touch /tmp/success
# We want to see true source for UDP packets in container (https://github.com/moby/libnetwork/issues/1994) # We want to see true source for UDP packets in container (https://github.com/moby/libnetwork/issues/1994)
# Start autoheal if running on a supported os # Start autoheal if running on a supported os
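Review bot: `touch /tmp/success` creates the health marker, but nothing in this hunk removes it. A container that is restarted rather than recreated keeps its writable layer, so unless `/tmp` is a tmpfs a marker left by the previous run would let the health check pass before initialisation has finished. Anything gated on this container being healthy could then start against a half-initialised host. Unless it already happens outside this hunk, clear it near the top of the script with `rm -f /tmp/success`, and consider touching it only after the autoheal start below has succeeded. The script continues outside the hunk on both sides.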


@ -9,7 +9,7 @@ services:
env_file: env_file:
- $HOME/tpotce/.env - $HOME/tpotce/.env
restart: "no" restart: "no"
image: "ghcr.io/telekom-security/tpotinit:alpha" image: "dtagdevsec/tpotinit:alpha"
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro - /var/run/docker.sock:/var/run/docker.sock:ro
- $HOME/tpotce/data:/data - $HOME/tpotce/data:/data
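Review bot: `image: "dtagdevsec/tpotinit:alpha"` moves the init container to a different registry namespace while still referencing the mutable `alpha` tag, and this is the container that is handed `/var/run/docker.sock`. The `:ro` flag on that mount only protects the socket file node; the Docker API behind it stays fully usable, so the content of that tag is effectively trusted with control of the host's Docker daemon. Pinning by digest, `image: "dtagdevsec/tpotinit:alpha@sha256:<IMAGE_DIGEST>"`, makes the pulled content explicit and lets a registry or tag change show up in review.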