tweaking, add new honeypot

correct a typo in CONTRIBUTING.MD preapre for and add mailoney honeypot
2025-07-01 12:32:12 +00:00 · 2017-06-15 22:08:56 +00:00 · 2017-06-15 22:08:56 +00:00 · 77e68f0e64
commit 77e68f0e64
parent a1bc127698
8 changed files with 52 additions and 5 deletions
--- a/CONTRIBUTING.MD
+++ b/CONTRIBUTING.MD
@ -23,7 +23,7 @@ Thank you :smiley:
 <a name="info"></a>
-### Baisc support information
+### Basic support information
 - What T-Pot version are you currtently using?
 - Are you running on a Intel NUC or a VM?
--- a/installer/bin/clean.sh
+++ b/installer/bin/clean.sh
@ -78,7 +78,15 @@ fuHONEYTRAP () {
  chown tpot:tpot /data/honeytrap/ -R
 }
-# Let's create a function prepare spiderfoot db
+# Let's create a function to clean up and prepare mailoney data
 fuHONEYTRAP () {
  rm -rf /data/mailoney/*
  mkdir -p /data/mailoney/log/
  chmod 760 /data/mailoney/ -R
  chown tpot:tpot /data/mailoney/ -R
 }
 # Let's create a function to prepare spiderfoot db
 fuSPIDERFOOT () {
  mkdir -p /data/spiderfoot
  touch /data/spiderfoot/spiderfoot.db
--- a/installer/etc/tpot/compose/all.yml
+++ b/installer/etc/tpot/compose/all.yml
@ -10,6 +10,7 @@ networks:
  emobility_local:
  ewsposter_local:
  glastopf_local:
  mailoney_local:
  spiderfoot_local:
  ui-for-docker_local:
@ -195,6 +196,18 @@ services:
    volumes:
     - /data/honeytrap:/data/honeytrap
     - /data/ews:/data/ews
 # Mailoney service
  mailoney:
    container_name: mailoney
    restart: always
    networks:
     - mailoney_local
    ports:
     - "25:2525"
    image: "dtagdevsec/mailoney:1706"
    volumes:
     - /data/mailoney/log:/opt/mailoney/logs
 # Netdata service
  netdata:
--- a/installer/etc/tpot/compose/hp.yml
+++ b/installer/etc/tpot/compose/hp.yml
@ -8,6 +8,7 @@ networks:
  elasticpot_local:
  ewsposter_local:
  glastopf_local:
  mailoney_local:
 services:
@ -103,3 +104,15 @@ services:
    volumes:
     - /data/honeytrap:/data/honeytrap
     - /data/ews:/data/ews
 # Mailoney service
  mailoney:
    container_name: mailoney
    restart: always
    networks:
     - mailoney_local
    ports:
     - "25:2525"
    image: "dtagdevsec/mailoney:1706"
    volumes:
     - /data/mailoney/log:/opt/mailoney/logs
--- a/installer/etc/tpot/compose/industrial.yml
+++ b/installer/etc/tpot/compose/industrial.yml
@ -97,7 +97,6 @@ services:
    image: "dtagdevsec/emobility:1706"
    volumes:
     - /data/emobility:/data/eMobility
     - /data/ews:/data/ews
 # Ewsposter service
  ewsposter:
--- a/installer/etc/tpot/compose/tpot.yml
+++ b/installer/etc/tpot/compose/tpot.yml
@ -8,6 +8,7 @@ networks:
  elasticpot_local:
  ewsposter_local:
  glastopf_local:
  mailoney_local:
  spiderfoot_local:
  ui-for-docker_local:
@ -166,6 +167,18 @@ services:
     - /data/honeytrap:/data/honeytrap
     - /data/ews:/data/ews
 # Mailoney service
  mailoney:
    container_name: mailoney
    restart: always
    networks:
     - mailoney_local
    ports:
     - "25:2525"
    image: "dtagdevsec/mailoney:1706"
    volumes:
     - /data/mailoney/log:/opt/mailoney/logs
 # Netdata service
  netdata:
    container_name: netdata
--- a/installer/etc/tpot/systemd/tpot.service
+++ b/installer/etc/tpot/systemd/tpot.service
@ -33,7 +33,7 @@ ExecStartPre=-/bin/chmod 666 /var/run/docker.sock
 ExecStartPre=/sbin/iptables -w -A INPUT -s 127.0.0.1 -j ACCEPT
 ExecStartPre=/sbin/iptables -w -A INPUT -d 127.0.0.1 -j ACCEPT
 ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 64295:64303,7634,8125 -j ACCEPT
-ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 21,22,23,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT
+ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 21:23,25,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT
 ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 3306,5060,5061,5601,11211 -j ACCEPT
 ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 1025,50100,8080,8081,9200 -j ACCEPT
 ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE
@ -48,7 +48,7 @@ ExecStop=/usr/local/bin/docker-compose -f /etc/tpot/tpot.yml down -v
 ExecStopPost=/sbin/iptables -w -D INPUT -s 127.0.0.1 -j ACCEPT
 ExecStopPost=/sbin/iptables -w -D INPUT -d 127.0.0.1 -j ACCEPT
 ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 64295:64303,7634,8125 -j ACCEPT
-ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 21,22,23,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT
+ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 21:23,25,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT
 ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 3306,5060,5061,5601,11211 -j ACCEPT
 ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 1025,50100,8080,8081,9200 -j ACCEPT
 ExecStopPost=/sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -j NFQUEUE
--- a/installer/install.sh
+++ b/installer/install.sh
@ -441,6 +441,7 @@ mkdir -p /data/conpot/log \
         /data/elasticpot/log \
         /data/elk/data /data/elk/log \
         /data/glastopf /data/honeytrap/log/ /data/honeytrap/attacks/ /data/honeytrap/downloads/ \
         /data/mailoney/log \
         /data/emobility/log \
         /data/ews/conf \
         /data/spiderfoot \