diff --git a/installer/etc/tpot/compose/all.yml b/installer/etc/tpot/compose/all.yml index c28c4ae3..3fa3e2ba 100644 --- a/installer/etc/tpot/compose/all.yml +++ b/installer/etc/tpot/compose/all.yml @@ -14,47 +14,46 @@ networks: ui-for-docker_local: services: - + # Conpot service conpot: container_name: conpot restart: always networks: - - conpot_local + - conpot_local ports: - "1025:1025" - "50100:50100" image: "dtagdevsec/conpot:1706" volumes: - - /data/conpot:/data/conpot - - /data/ews:/data/ews + - /data/conpot/log:/var/log/conpot # Cowrie service cowrie: container_name: cowrie restart: always networks: - - cowrie_local + - cowrie_local cap_add: - NET_BIND_SERVICE ports: - - "22:22" - - "23:23" + - "22:2222" + - "23:2223" image: "dtagdevsec/cowrie:1706" volumes: - /data/cowrie:/data/cowrie - + # Dionaea service dionaea: container_name: dionaea stdin_open: true restart: always networks: - - dionaea_local + - dionaea_local cap_add: - NET_BIND_SERVICE ports: - - "21:21" + - "21:21" - "42:42" - "69:69/udp" - "8081:80" @@ -65,7 +64,7 @@ services: - "1723:1723" - "1883:1883" - "1900:1900" - - "3306:3306" + - "3306:3306" - "5060:5060" - "5061:5061" - "5060:5060/udp" @@ -79,7 +78,7 @@ services: container_name: elasticpot restart: always networks: - - elasticpot_local + - elasticpot_local ports: - "9200:9200" image: "dtagdevsec/elasticpot:1706" @@ -92,8 +91,8 @@ services: container_name: elasticsearch restart: always environment: - - bootstrap.memory_lock=true -# - "ES_JAVA_OPTS=-Xms1g -Xmx1g" + - bootstrap.memory_lock=true +# - "ES_JAVA_OPTS=-Xms1g -Xmx1g" cap_add: - IPC_LOCK ulimits: @@ -115,8 +114,8 @@ services: container_name: kibana restart: always depends_on: - elasticsearch: - condition: service_healthy + elasticsearch: + condition: service_healthy ports: - "127.0.0.1:64296:5601" image: "dtagdevsec/kibana:1706" 
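Review bot: The cowrie service keeps `cap_add: - NET_BIND_SERVICE` even though the container side of its ports moves to `"22:2222"` and `"23:2223"`, which are unprivileged ports. Publishing host ports 22 and 23 is done by the Docker daemon, so the capability looks unneeded inside the container unless something else in the image binds below 1024; that should be confirmed against the image. Because NET_BIND_SERVICE is already in Docker's default capability set, deleting the `cap_add` lines alone would not remove it; replacing them with `cap_drop:` / `- NET_BIND_SERVICE` would. The same applies to the cowrie hunks in hp.yml and tpot.yml.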
@@ -126,8 +125,8 @@ services: container_name: logstash restart: always depends_on: - elasticsearch: - condition: service_healthy + elasticsearch: + condition: service_healthy env_file: - /etc/tpot/elk/environment image: "dtagdevsec/logstash:1706" @@ -140,8 +139,8 @@ services: container_name: head restart: always depends_on: - elasticsearch: - condition: service_healthy + elasticsearch: + condition: service_healthy ports: - "127.0.0.1:64302:9100" image: "dtagdevsec/head:1706" @@ -151,7 +150,7 @@ services: container_name: emobility restart: always networks: - - emobility_local + - emobility_local cap_add: - NET_ADMIN ports: @@ -166,7 +165,7 @@ services: container_name: ewsposter restart: always networks: - - ewsposter_local + - ewsposter_local image: "dtagdevsec/ewsposter:1706" volumes: - /data:/data @@ -177,7 +176,7 @@ services: container_name: glastopf restart: always networks: - - glastopf_local + - glastopf_local ports: - "80:80" image: "dtagdevsec/glastopf:1706" @@ -196,15 +195,15 @@ services: volumes: - /data/honeytrap:/data/honeytrap - /data/ews:/data/ews - + # Netdata service netdata: container_name: netdata restart: always network_mode: "host" depends_on: - elasticsearch: - condition: service_healthy + elasticsearch: + condition: service_healthy cap_add: - SYS_PTRACE security_opt: @@ -220,26 +219,26 @@ services: container_name: spiderfoot restart: always networks: - - spiderfoot_local + - spiderfoot_local ports: - "127.0.0.1:64303:8080" image: "dtagdevsec/spiderfoot:1706" volumes: - /data/spiderfoot/spiderfoot.db:/home/spiderfoot/spiderfoot.db - + # Ui-for-docker service ui-for-docker: container_name: ui-for-docker command: -H unix:///var/run/docker.sock --no-auth restart: always networks: - - ui-for-docker_local + - ui-for-docker_local ports: - "127.0.0.1:64299:9000" image: "dtagdevsec/ui-for-docker:1706" volumes: - /var/run/docker.sock:/var/run/docker.sock - + # Suricata service suricata: container_name: suricata 
@@ -252,3 +251,12 @@ services: image: "dtagdevsec/suricata:1706" volumes: - /data/suricata/log:/var/log/suricata + +# P0f service + p0f: + container_name: p0f + restart: always + network_mode: "host" + image: "dtagdevsec/p0f:1706" + volumes: + - /data/p0f/log:/var/log/p0f diff --git a/installer/etc/tpot/compose/hp.yml b/installer/etc/tpot/compose/hp.yml index a81d933a..8dfe6dc2 100644 --- a/installer/etc/tpot/compose/hp.yml +++ b/installer/etc/tpot/compose/hp.yml @@ -1,4 +1,4 @@ -# T-Pot (Honeypots) +# T-Pot (HP) # For docker-compose ... version: '2.1' @@ -16,12 +16,12 @@ services: container_name: cowrie restart: always networks: - - cowrie_local + - cowrie_local cap_add: - NET_BIND_SERVICE ports: - - "22:22" - - "23:23" + - "22:2222" + - "23:2223" image: "dtagdevsec/cowrie:1706" volumes: - /data/cowrie:/data/cowrie @@ -32,7 +32,7 @@ services: stdin_open: true restart: always networks: - - dionaea_local + - dionaea_local cap_add: - NET_BIND_SERVICE ports: @@ -61,7 +61,7 @@ services: container_name: elasticpot restart: always networks: - - elasticpot_local + - elasticpot_local ports: - "9200:9200" image: "dtagdevsec/elasticpot:1706" @@ -73,7 +73,7 @@ services: container_name: ewsposter restart: always networks: - - ewsposter_local + - ewsposter_local image: "dtagdevsec/ewsposter:1706" volumes: - /data:/data @@ -84,7 +84,7 @@ services: container_name: glastopf restart: always networks: - - glastopf_local + - glastopf_local ports: - "80:80" image: "dtagdevsec/glastopf:1706" diff --git a/installer/etc/tpot/compose/industrial.yml b/installer/etc/tpot/compose/industrial.yml index 5a8099b4..6783803f 100644 --- a/installer/etc/tpot/compose/industrial.yml +++ b/installer/etc/tpot/compose/industrial.yml 
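Review bot: The new `p0f` service runs with `network_mode: "host"`, and nothing in the added block records why host networking is required or narrows what the container may do. Presumably it has to observe traffic on the host interface; a comment such as `# host network needed: p0f passively fingerprints traffic on the host interface` would make that explicit. If the image tolerates it, `read_only: true` would leave the `/data/p0f/log` mount as the only writable path, limiting what a compromised sniffer sharing the host network namespace can change. The same block is added in industrial.yml and tpot.yml.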
@@ -10,20 +10,19 @@ networks: ui-for-docker_local: services: - + # Conpot service conpot: container_name: conpot restart: always networks: - - conpot_local + - conpot_local ports: - "1025:1025" - "50100:50100" image: "dtagdevsec/conpot:1706" volumes: - - /data/conpot:/data/conpot - - /data/ews:/data/ews + - /data/conpot/log:/var/log/conpot # ELK services ## Elasticsearch service @@ -31,8 +30,8 @@ services: container_name: elasticsearch restart: always environment: - - bootstrap.memory_lock=true -# - "ES_JAVA_OPTS=-Xms1g -Xmx1g" + - bootstrap.memory_lock=true +# - "ES_JAVA_OPTS=-Xms1g -Xmx1g" cap_add: - IPC_LOCK ulimits: @@ -54,8 +53,8 @@ services: container_name: kibana restart: always depends_on: - elasticsearch: - condition: service_healthy + elasticsearch: + condition: service_healthy ports: - "127.0.0.1:64296:5601" image: "dtagdevsec/kibana:1706" @@ -65,8 +64,8 @@ services: container_name: logstash restart: always depends_on: - elasticsearch: - condition: service_healthy + elasticsearch: + condition: service_healthy env_file: - /etc/tpot/elk/environment image: "dtagdevsec/logstash:1706" @@ -79,8 +78,8 @@ services: container_name: head restart: always depends_on: - elasticsearch: - condition: service_healthy + elasticsearch: + condition: service_healthy ports: - "127.0.0.1:64302:9100" image: "dtagdevsec/head:1706" @@ -90,7 +89,7 @@ services: container_name: emobility restart: always networks: - - emobility_local + - emobility_local cap_add: - NET_ADMIN ports: @@ -105,7 +104,7 @@ services: container_name: ewsposter restart: always networks: - - ewsposter_local + - ewsposter_local image: "dtagdevsec/ewsposter:1706" volumes: - /data:/data @@ -117,8 +116,8 @@ services: restart: always network_mode: "host" depends_on: - elasticsearch: - condition: service_healthy + elasticsearch: + condition: service_healthy cap_add: - SYS_PTRACE security_opt: 
@@ -134,26 +133,26 @@ services: container_name: spiderfoot restart: always networks: - - spiderfoot_local + - spiderfoot_local ports: - "127.0.0.1:64303:8080" image: "dtagdevsec/spiderfoot:1706" volumes: - /data/spiderfoot/spiderfoot.db:/home/spiderfoot/spiderfoot.db - + # Ui-for-docker service ui-for-docker: container_name: ui-for-docker command: -H unix:///var/run/docker.sock --no-auth restart: always networks: - - ui-for-docker_local + - ui-for-docker_local ports: - "127.0.0.1:64299:9000" image: "dtagdevsec/ui-for-docker:1706" volumes: - /var/run/docker.sock:/var/run/docker.sock - + # Suricata service suricata: container_name: suricata @@ -166,3 +165,12 @@ services: image: "dtagdevsec/suricata:1706" volumes: - /data/suricata/log:/var/log/suricata + +# P0f service + p0f: + container_name: p0f + restart: always + network_mode: "host" + image: "dtagdevsec/p0f:1706" + volumes: + - /data/p0f/log:/var/log/p0f diff --git a/installer/etc/tpot/compose/tpot.yml b/installer/etc/tpot/compose/tpot.yml index eae3875c..e656c683 100644 --- a/installer/etc/tpot/compose/tpot.yml +++ b/installer/etc/tpot/compose/tpot.yml @@ -18,12 +18,12 @@ services: container_name: cowrie restart: always networks: - - cowrie_local + - cowrie_local cap_add: - NET_BIND_SERVICE ports: - - "22:22" - - "23:23" + - "22:2222" + - "23:2223" image: "dtagdevsec/cowrie:1706" volumes: - /data/cowrie:/data/cowrie @@ -34,7 +34,7 @@ services: stdin_open: true restart: always networks: - - dionaea_local + - dionaea_local cap_add: - NET_BIND_SERVICE ports: @@ -63,7 +63,7 @@ services: container_name: elasticpot restart: always networks: - - elasticpot_local + - elasticpot_local ports: - "9200:9200" image: "dtagdevsec/elasticpot:1706" @@ -76,8 +76,8 @@ services: container_name: elasticsearch restart: always environment: - - bootstrap.memory_lock=true - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + - bootstrap.memory_lock=true + - "ES_JAVA_OPTS=-Xms512m -Xmx512m" cap_add: - IPC_LOCK ulimits: 
@@ -99,8 +99,8 @@ services: container_name: kibana restart: always depends_on: - elasticsearch: - condition: service_healthy + elasticsearch: + condition: service_healthy ports: - "127.0.0.1:64296:5601" image: "dtagdevsec/kibana:1706" @@ -110,8 +110,8 @@ services: container_name: logstash restart: always depends_on: - elasticsearch: - condition: service_healthy + elasticsearch: + condition: service_healthy env_file: - /etc/tpot/elk/environment image: "dtagdevsec/logstash:1706" @@ -124,8 +124,8 @@ services: container_name: head restart: always depends_on: - elasticsearch: - condition: service_healthy + elasticsearch: + condition: service_healthy ports: - "127.0.0.1:64302:9100" image: "dtagdevsec/head:1706" @@ -135,7 +135,7 @@ services: container_name: ewsposter restart: always networks: - - ewsposter_local + - ewsposter_local image: "dtagdevsec/ewsposter:1706" volumes: - /data:/data @@ -146,7 +146,7 @@ services: container_name: glastopf restart: always networks: - - glastopf_local + - glastopf_local ports: - "80:80" image: "dtagdevsec/glastopf:1706" @@ -172,8 +172,8 @@ services: restart: always network_mode: "host" depends_on: - elasticsearch: - condition: service_healthy + elasticsearch: + condition: service_healthy cap_add: - SYS_PTRACE security_opt: @@ -189,7 +189,7 @@ services: container_name: spiderfoot restart: always networks: - - spiderfoot_local + - spiderfoot_local ports: - "127.0.0.1:64303:8080" image: "dtagdevsec/spiderfoot:1706" @@ -202,7 +202,7 @@ services: command: -H unix:///var/run/docker.sock --no-auth restart: always networks: - - ui-for-docker_local + - ui-for-docker_local ports: - "127.0.0.1:64299:9000" image: "dtagdevsec/ui-for-docker:1706" @@ -221,3 +221,13 @@ services: image: "dtagdevsec/suricata:1706" volumes: - /data/suricata/log:/var/log/suricata + +# P0f service + p0f: + container_name: p0f + restart: always + network_mode: "host" + image: "dtagdevsec/p0f:1706" + volumes: + - /data/p0f/log:/var/log/p0f +