From 95626fb2ccf0c7000c47672bcf53d4c7a0a8dd70 Mon Sep 17 00:00:00 2001
From: t3chn0m4g3
Date: Wed, 12 Feb 2025 15:21:49 +0100
Subject: [PATCH] Disable DNS UDP Logging in Suricata, tweaking
---
 docker/cowrie/docker-compose.yml | 2 +-
 docker/log4pot/Dockerfile | 1 +
 docker/suricata/dist/suricata.yaml | 2 +-
 docker/wordpot/docker-compose.yml | 2 +-
 4 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/docker/cowrie/docker-compose.yml b/docker/cowrie/docker-compose.yml
index 2db5264f..baf772b5 100644
--- a/docker/cowrie/docker-compose.yml
+++ b/docker/cowrie/docker-compose.yml
@@ -18,7 +18,7 @@ services:
 ports:
 - "22:22"
 - "23:23"
- image: "dtagdevsec/cowrie:24.04"
+ image: "ghcr.io/telekom-security/cowrie:24.04.1"
 read_only: true
 volumes:
 - $HOME/tpotce/data/cowrie/downloads:/home/cowrie/cowrie/dl
diff --git a/docker/log4pot/Dockerfile b/docker/log4pot/Dockerfile
index 32f42046..d7cef186 100644
--- a/docker/log4pot/Dockerfile
+++ b/docker/log4pot/Dockerfile
@@ -31,6 +31,7 @@ RUN apt-get update -y && \
 cd Log4Pot && \
 git checkout 5002b1fe0f82359ef32dbc3a899e8a701dc3256e && \
 sed -i 's#"type": logtype,#"reason": logtype,#g' log4pot-server.py && \
+ rm poetry.lock && \
 poetry --no-cache --without=dev install && \
 setcap cap_net_bind_service=+ep $(readlink -f $(which python3)) && \
 #
diff --git a/docker/suricata/dist/suricata.yaml b/docker/suricata/dist/suricata.yaml
index 3b7c9f04..78d7b043 100644
--- a/docker/suricata/dist/suricata.yaml
+++ b/docker/suricata/dist/suricata.yaml
@@ -1005,7 +1005,7 @@ app-layer:
 detection-ports:
 dp: 53
 udp:
- enabled: yes
+ enabled: no
 detection-ports:
 dp: 53
 http:
diff --git a/docker/wordpot/docker-compose.yml b/docker/wordpot/docker-compose.yml
index 5cbc5908..641b8d83 100644
--- a/docker/wordpot/docker-compose.yml
+++ b/docker/wordpot/docker-compose.yml
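Review bot: The new reference `ghcr.io/telekom-security/cowrie:24.04.1` is a mutable tag, so what actually runs depends on whatever the registry serves for that tag at pull time; the same applies to the `wordpot` image line changed in `docker/wordpot/docker-compose.yml`. Since this commit already moves both services to a different registry namespace, it is a natural point to pin by digest as well, e.g. `image: "ghcr.io/telekom-security/cowrie:24.04.1@sha256:<digest-of-reviewed-image>"` (placeholder, to be filled in from the reviewed build). The existing `read_only: true` limits what a bad image can persist, but it does not verify what is pulled.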
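Review bot: Deleting `poetry.lock` immediately before `poetry --no-cache --without=dev install` makes Poetry resolve dependencies at image build time, so the `git checkout 5002b1fe...` pin a few lines above no longer fixes the dependency set and the hashes recorded in the lock file go unused. Two builds of the same Dockerfile can then ship different dependency versions, which is hard to audit after the fact. If the upstream lock file cannot be used as-is, prefer replacing it with a reviewed lock file kept in this repository's build context over removing it. At minimum, record the reason next to the line, for example `# poetry.lock dropped: <reason>; dependency versions are resolved at build time`. The `RUN` instruction starts and ends outside this hunk.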
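Review bot: Setting `udp:` / `enabled: no` here sits in the `app-layer` section, so it switches off the protocol parser for UDP port 53 (presumably DNS; the protocol key is above the hunk) rather than only its logging, as the subject line suggests. With the parser off, signatures that depend on DNS app-layer inspection would presumably stop matching on UDP traffic, which is a detection loss on a sensor and not just a log-volume change. If the goal is only fewer log records, consider keeping the parser enabled and restricting the DNS record type in the EVE output section of this file instead. Otherwise document the trade-off at the setting, e.g. `# DNS/UDP parser disabled to cut log volume; DNS rule keywords no longer apply to UDP 53`.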
@@ -14,7 +14,7 @@ services:
 - wordpot_local
 ports:
 - "80:80"
- image: "dtagdevsec/wordpot:24.04"
+ image: "ghcr.io/telekom-security/wordpot:24.04.1"
 read_only: true
 volumes:
 - $HOME/tpotce/data/wordpot/log:/opt/wordpot/logs/