diff --git a/CONTRIBUTING.MD b/CONTRIBUTING.MD index 909f3f90..22b001b2 100644 --- a/CONTRIBUTING.MD +++ b/CONTRIBUTING.MD @@ -23,7 +23,7 @@ Thank you :smiley: -### Baisc support information +### Basic support information - What T-Pot version are you currtently using? - Are you running on a Intel NUC or a VM? diff --git a/installer/bin/clean.sh b/installer/bin/clean.sh index 17976775..45ac49d2 100755 --- a/installer/bin/clean.sh +++ b/installer/bin/clean.sh @@ -78,7 +78,15 @@ fuHONEYTRAP () { chown tpot:tpot /data/honeytrap/ -R } -# Let's create a function prepare spiderfoot db +# Let's create a function to clean up and prepare mailoney data +fuHONEYTRAP () { + rm -rf /data/mailoney/* + mkdir -p /data/mailoney/log/ + chmod 760 /data/mailoney/ -R + chown tpot:tpot /data/mailoney/ -R +} + +# Let's create a function to prepare spiderfoot db fuSPIDERFOOT () { mkdir -p /data/spiderfoot touch /data/spiderfoot/spiderfoot.db diff --git a/installer/etc/tpot/compose/all.yml b/installer/etc/tpot/compose/all.yml index 3fa3e2ba..7d448add 100644 --- a/installer/etc/tpot/compose/all.yml +++ b/installer/etc/tpot/compose/all.yml @@ -10,6 +10,7 @@ networks: emobility_local: ewsposter_local: glastopf_local: + mailoney_local: spiderfoot_local: ui-for-docker_local: @@ -195,6 +196,18 @@ services: volumes: - /data/honeytrap:/data/honeytrap - /data/ews:/data/ews + +# Mailoney service + mailoney: + container_name: mailoney + restart: always + networks: + - mailoney_local + ports: + - "25:2525" + image: "dtagdevsec/mailoney:1706" + volumes: + - /data/mailoney/log:/opt/mailoney/logs # Netdata service netdata: diff --git a/installer/etc/tpot/compose/hp.yml b/installer/etc/tpot/compose/hp.yml index 8dfe6dc2..c2d0856a 100644 --- a/installer/etc/tpot/compose/hp.yml +++ b/installer/etc/tpot/compose/hp.yml @@ -8,6 +8,7 @@ networks: elasticpot_local: ewsposter_local: glastopf_local: + mailoney_local: services: 
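Review bot: The new mailoney cleanup function in installer/bin/clean.sh is declared as `fuHONEYTRAP`, the same name as the honeytrap function whose closing lines are the context directly above it. In shell the later definition replaces the earlier one, so a call to `fuHONEYTRAP` would wipe and re-own `/data/mailoney/` while `/data/honeytrap/` is never cleaned, and no function exists under the mailoney name. The declaration should read `fuMAILONEY () {`, with a matching `fuMAILONEY` call added wherever the script invokes the other cleanup functions; that call site is outside this hunk.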
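Review bot: The `mailoney` service added to all.yml answers attacker traffic on host port 25, yet it is pulled by the mutable tag `dtagdevsec/mailoney:1706` and starts with Docker's default capabilities and a writable root filesystem. Pinning by digest, `image: "dtagdevsec/mailoney:1706@sha256:<digest-placeholder>"`, would make what runs on the sensor reproducible. Adding `cap_drop: [ALL]` and `read_only: true` would limit what a compromise of the SMTP emulator can do, assuming mailoney writes only under `/opt/mailoney/logs`, which should be confirmed against the image. The identical block is added in hp.yml and tpot.yml, so the same applies there. The other service definitions are outside these hunks, so the files' existing convention may differ.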
@@ -103,3 +104,15 @@ services: volumes: - /data/honeytrap:/data/honeytrap - /data/ews:/data/ews + +# Mailoney service + mailoney: + container_name: mailoney + restart: always + networks: + - mailoney_local + ports: + - "25:2525" + image: "dtagdevsec/mailoney:1706" + volumes: + - /data/mailoney/log:/opt/mailoney/logs diff --git a/installer/etc/tpot/compose/industrial.yml b/installer/etc/tpot/compose/industrial.yml index 6783803f..d192769f 100644 --- a/installer/etc/tpot/compose/industrial.yml +++ b/installer/etc/tpot/compose/industrial.yml @@ -97,7 +97,6 @@ services: image: "dtagdevsec/emobility:1706" volumes: - /data/emobility:/data/eMobility - - /data/ews:/data/ews # Ewsposter service ewsposter: diff --git a/installer/etc/tpot/compose/tpot.yml b/installer/etc/tpot/compose/tpot.yml index e656c683..6b3e94cf 100644 --- a/installer/etc/tpot/compose/tpot.yml +++ b/installer/etc/tpot/compose/tpot.yml @@ -8,6 +8,7 @@ networks: elasticpot_local: ewsposter_local: glastopf_local: + mailoney_local: spiderfoot_local: ui-for-docker_local: @@ -166,6 +167,18 @@ services: - /data/honeytrap:/data/honeytrap - /data/ews:/data/ews +# Mailoney service + mailoney: + container_name: mailoney + restart: always + networks: + - mailoney_local + ports: + - "25:2525" + image: "dtagdevsec/mailoney:1706" + volumes: + - /data/mailoney/log:/opt/mailoney/logs + # Netdata service netdata: container_name: netdata diff --git a/installer/etc/tpot/systemd/tpot.service b/installer/etc/tpot/systemd/tpot.service index 2523261d..2ccbbc5e 100644 --- a/installer/etc/tpot/systemd/tpot.service +++ b/installer/etc/tpot/systemd/tpot.service 
@@ -33,7 +33,7 @@ ExecStartPre=-/bin/chmod 666 /var/run/docker.sock ExecStartPre=/sbin/iptables -w -A INPUT -s 127.0.0.1 -j ACCEPT ExecStartPre=/sbin/iptables -w -A INPUT -d 127.0.0.1 -j ACCEPT ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 64295:64303,7634,8125 -j ACCEPT -ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 21,22,23,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT +ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 21:23,25,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 3306,5060,5061,5601,11211 -j ACCEPT ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 1025,50100,8080,8081,9200 -j ACCEPT ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE @@ -48,7 +48,7 @@ ExecStop=/usr/local/bin/docker-compose -f /etc/tpot/tpot.yml down -v ExecStopPost=/sbin/iptables -w -D INPUT -s 127.0.0.1 -j ACCEPT ExecStopPost=/sbin/iptables -w -D INPUT -d 127.0.0.1 -j ACCEPT ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 64295:64303,7634,8125 -j ACCEPT -ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 21,22,23,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT +ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 21:23,25,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 3306,5060,5061,5601,11211 -j ACCEPT ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 1025,50100,8080,8081,9200 -j ACCEPT ExecStopPost=/sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -j NFQUEUE diff --git a/installer/install.sh b/installer/install.sh index d0ec0cd2..beb36262 100755 --- a/installer/install.sh +++ b/installer/install.sh 
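Review bot: Port 25 is added to the shared multiport ACCEPT rule in `ExecStartPre` (and mirrored in the `ExecStopPost` hunk below), but this commit adds the mailoney listener only to all.yml, hp.yml and tpot.yml, not to industrial.yml. If this unit is also used with a flavor that has no mailoney container, SYNs to port 25 would presumably match ACCEPT before reaching the `-j NFQUEUE` rule and then find no listener, so they would be neither served nor queued for capture; confirm against how the installer selects `/etc/tpot/tpot.yml`. A comment above the rule, for example `# 25 = mailoney; keep this list identical in ExecStartPre and ExecStopPost`, would record why the port is there and that the `-D` line must match the `-A` line exactly for the rule to be removed on stop.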
@@ -441,6 +441,7 @@ mkdir -p /data/conpot/log \ /data/elasticpot/log \ /data/elk/data /data/elk/log \ /data/glastopf /data/honeytrap/log/ /data/honeytrap/attacks/ /data/honeytrap/downloads/ \ + /data/mailoney/log \ /data/emobility/log \ /data/ews/conf \ /data/spiderfoot \