mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-07-01 04:22:11 +00:00
include conpot
parent
1804a042e9
commit
994aed3e31
6 changed files with 57 additions and 10 deletions
18
README.md
18
README.md
|
@ -24,20 +24,34 @@ The script will download and install dependecies necessary to build the image on
|
|||
|
||||
After a successful build, you will find the ISO image `tpot.iso` in your directory.
|
||||
|
||||
### T-Pot Full Installation
|
||||
### T-Pot Installation (Cowrie, Dionaea, ElasticPot, Glastopf, Honeytrap, ELK, Suricata+P0f)
|
||||
When installing the T-Pot ISO image, make sure the target system (physical/virtual) meets the following minimum requirements:
|
||||
- 4 GB RAM (6-8 GB recommended)
|
||||
- 64 GB disk (128 GB SSD recommended)
|
||||
- Network via DHCP
|
||||
- A working internet connection
|
||||
|
||||
### T-Pot Sensor Installation (no ELK, no Suricata - only available thru ISO Creator)
|
||||
### Sensor Installation (Cowrie, Dionaea, ElasticPot, Glastopf, Honeytrap - only available thru ISO Creator)
|
||||
When installing the T-Pot ISO image, make sure the target system (physical/virtual) meets the following minimum requirements:
|
||||
- 3 GB RAM (4-6 GB recommended)
|
||||
- 64 GB disk (64 GB SSD recommended)
|
||||
- Network via DHCP
|
||||
- A working internet connection
|
||||
|
||||
### Industrial Installation (ConPot, eMobility, ELK, Suricata+P0f - only available thru ISO Creator)
|
||||
When installing the T-Pot ISO image, make sure the target system (physical/virtual) meets the following minimum requirements:
|
||||
- 4 GB RAM (8 GB recommended)
|
||||
- 64 GB disk (128 GB SSD recommended)
|
||||
- Network via DHCP
|
||||
- A working internet connection
|
||||
|
||||
### Everything Installation (Everything)
|
||||
When installing the T-Pot ISO image, make sure the target system (physical/virtual) meets the following minimum requirements:
|
||||
- 8 GB RAM
|
||||
- 128 GB disk or larger (128 GB SSD or larger recommended)
|
||||
- Network via DHCP
|
||||
- A working internet connection
|
||||
|
||||
The installation requires very little interaction. Most things should be configured automatically. The system will reboot a couple of times. Make sure it can access the internet as it needs to download the dockerized honeypot components. Depending on your network connection, the installation may take some time.
|
||||
Once the installation is finished, the system will automatically reboot and you will be presented with a login screen. The user credentials for the first login are:
|
||||
- user: tsec
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
conpot
|
||||
cowrie
|
||||
dionaea
|
||||
elasticpot
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
conpot
|
||||
elk
|
||||
emobility
|
||||
suricata
|
||||
|
|
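--- a/installer/data/upstart/conpot.conf
+++ b/installer/data/upstart/conpot.conf
@@ -0,0 +1,31 @@
+########################################################
+# T-Pot #
+# ConPot upstart script #
+# #
+# v16.03.1 by mo, DTAG, 2016-02-19 #
+########################################################
+
+description "ConPot"
+author "mo"
+start on started docker and filesystem
+stop on runlevel [!2345]
+respawn
+pre-start script
+# Remove any existing conpot containers
+myCID=$(docker ps -a | grep conpot | awk '{ print $1 }')
+if [ "$myCID" != "" ];
+then docker rm -v $myCID;
+fi
+# Remove any data from previous container
+rm -rf /data/conpot/* || true
+mkdir -p /data/conpot/log
+chmod 760 /data/conpot -R
+chown tpot:tpot /data/conpot -R
+end script
+script
+/usr/bin/docker run --name conpot --rm=true -v /data/conpot:/data/conpot -v /data/ews:/data/ews -p 81:80 -p 102:102 -p 161:161/udp -p 502:502 dtagdevsec/conpot:latest1603
+end script
+post-start script
+# Delay next start to avoid rapid respawning
+sleep 2
+end script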
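Review bot: The pre-start stanza runs `rm -rf /data/conpot/*` on every start, and because the job is marked `respawn`, a container crash deletes everything ConPot had logged up to that point before the job comes back. If those logs are not already forwarded elsewhere (not visible from this file), captured honeypot data is lost exactly when a crash makes it most worth keeping; moving the old directory aside instead of deleting it would preserve it. Separately, `docker ps -a | grep conpot` matches any row containing that string, including image names and commands, so it can select unrelated containers; `myCID=$(docker ps -a -q --filter "name=conpot")` restricts the match to container names.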
@ -3,7 +3,7 @@
|
|||
# T-Pot post install script #
|
||||
# Ubuntu server 14.04.3, x64 #
|
||||
# #
|
||||
# v16.03.9 by mo, DTAG, 2016-02-15 #
|
||||
# v16.03.10 by mo, DTAG, 2016-02-19 #
|
||||
########################################################
|
||||
|
||||
# Type of install, SENSOR, INDUSTRIAL or FULL?
|
||||
|
@ -223,7 +223,6 @@ if [ "$myFLAVOR" = "ALL" ]
|
|||
cp /root/tpot/data/imgcfg/all_images.conf /root/tpot/data/images.conf
|
||||
fi
|
||||
|
||||
|
||||
# Let's load docker images
|
||||
fuECHO "### Loading docker images. Please be patient, this may take a while."
|
||||
if [ -d /root/tpot/images ];
|
||||
|
@ -281,18 +280,19 @@ tee -a /etc/crontab <<EOF
|
|||
27 15 * * * root /etc/rc.local
|
||||
|
||||
# Check for updated packages every sunday, upgrade and reboot
|
||||
27 16 * * 0 root sleep \$((RANDOM %600)); apt-get autoclean -y; apt-get autoremove -y; apt-get update -y; apt-get upgrade -y; sleep 5; reboot
|
||||
27 16 * * 0 root apt-get autoclean -y; apt-get autoremove -y; apt-get update -y; apt-get upgrade -y; sleep 5; reboot
|
||||
EOF
|
||||
|
||||
# Let's create some files and folders
|
||||
fuECHO "### Creating some files and folders."
|
||||
mkdir -p /data/ews/log /data/ews/conf /data/ews/dionaea /data/ews/emobility \
|
||||
mkdir -p /data/conpot/log \
|
||||
/data/cowrie/log/tty/ /data/cowrie/downloads/ /data/cowrie/keys/ /data/cowrie/misc/ \
|
||||
/data/elasticpot/log \
|
||||
/data/dionaea/log /data/dionaea/bistreams /data/dionaea/binaries /data/dionaea/rtp /data/dionaea/wwwroot \
|
||||
/data/elasticpot/log \
|
||||
/data/elk/data /data/elk/log /data/glastopf /data/honeytrap/log/ /data/honeytrap/attacks/ /data/honeytrap/downloads/ \
|
||||
/data/suricata/log /home/tsec/.ssh/ \
|
||||
/data/emobility/log
|
||||
/data/emobility/log \
|
||||
/data/ews/log /data/ews/conf /data/ews/dionaea /data/ews/emobility \
|
||||
/data/suricata/log /home/tsec/.ssh/
|
||||
|
||||
# Let's take care of some files and permissions before copying
|
||||
chmod 500 /root/tpot/bin/*
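Review bot: The weekly crontab entry chains its steps with `;`, so `apt-get upgrade -y` still runs against stale package lists when `apt-get update` fails, and `reboot` fires whether or not the upgrade completed. Gating the package steps would keep a failed or interrupted upgrade from ending in an unattended reboot: `27 16 * * 0 root apt-get autoclean -y; apt-get autoremove -y; apt-get update -y && apt-get upgrade -y && sleep 5 && reboot`. The heredoc this line belongs to (`tee -a /etc/crontab <<EOF`) opens above the hunk, so the rest of the crontab block is not visible here.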
|
||||
|
|
|
@ -86,7 +86,7 @@ if [ "$mySTART" = "1" ];
|
|||
fi
|
||||
|
||||
# Let's ask for the type of installation SENSOR, INDUSTRIAL or FULL?
|
||||
myFLAVOR=$(dialog --no-cancel --backtitle "$myBACKTITLE" --title "[ Installation type ... ]" --radiolist "" 11 70 4 "TPOT" "Standard (w/o INDUSTRIAL)" on "HP" "Honeypots only (w/o INDUSTRIAL)" off "INDUSTRIAL" "eMobility, ELK, Suricata (8GB RAM recommended)" off "ALL" "Everything (8GB RAM required)" off 3>&1 1>&2 2>&3 3>&-)
|
||||
myFLAVOR=$(dialog --no-cancel --backtitle "$myBACKTITLE" --title "[ Installation type ... ]" --radiolist "" 11 76 4 "TPOT" "Standard (w/o INDUSTRIAL)" on "HP" "Honeypots only (w/o INDUSTRIAL)" off "INDUSTRIAL" "ConPot, eMobility, ELK, Suricata (8GB RAM recommended)" off "ALL" "Everything (8GB RAM required)" off 3>&1 1>&2 2>&3 3>&-)
|
||||
sed -i 's#^myFLAVOR=.*#myFLAVOR="'$myFLAVOR'"#' $myINSTALLERPATH
|
||||
|
||||
# Let's ask the user for a proxy ...
|
||||
|
|