tweaking

docker/ciscoasa/docker-compose.yml

@@ -1,4 +1,4 @@
-version: '2.2'
+version: '2.3'
 
 networks:
   ciscoasa_local:

docker/conpot/docker-compose.yml

@@ -1,5 +1,5 @@
 # CONPOT TEMPLATE=[default, IEC104, guardian_ast, ipmi, kamstrup_382, proxy]
-version: '2.2'
+version: '2.3'
 
 networks:
   conpot_local_default:

docker/cowrie/docker-compose.yml

@@ -1,4 +1,4 @@
-version: '2.2'
+version: '2.3'
 
 networks:
   cowrie_local:

docker/dionaea/docker-compose.yml

@@ -1,4 +1,4 @@
-version: '2.2'
+version: '2.3'
 
 services:
 

docker/elasticpot/Dockerfile

@@ -4,12 +4,11 @@ FROM alpine
 ADD dist/ /root/dist/
 
 # Install packages
-RUN apk -U upgrade && \ 
+RUN apk -U --no-cache add \
-    apk add bash \
              git \
              python3 && \
-    pip3 install --upgrade pip && \
+    pip3 install --no-cache-dir --upgrade pip && \
-    pip3 install bottle \
+    pip3 install --no-cache-dir bottle \
                                 configparser \
                                 datetime \
                                 requests && \
@@ -19,7 +18,7 @@ RUN apk -U upgrade && \
 
 # Setup user, groups and configs
     addgroup -g 2000 elasticpot && \
-    adduser -S -H -s /bin/bash -u 2000 -D -g 2000 elasticpot && \
+    adduser -S -H -s /bin/ash -u 2000 -D -g 2000 elasticpot && \
     mv /root/dist/elasticpot.cfg /opt/ElasticpotPY/ && \
     mkdir /opt/ElasticpotPY/log && \
 

docker/elasticpot/docker-compose.yml

@@ -1,4 +1,4 @@
-version: '2.2'
+version: '2.3'
 
 networks:
   elasticpot_local:

docker/elk/docker-compose.yml

@@ -1,6 +1,4 @@
-# T-Pot (Standard)
+version: '2.3'
-# For docker-compose ...
-version: '2.2'
 
 services:
 

docker/elk/logstash/Dockerfile

@@ -50,5 +50,4 @@ HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:9600'
 
 # Start logstash
 #USER logstash:logstash
-#CMD update.sh && exec /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/logstash.conf
+CMD update.sh && exec /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/logstash.conf
-CMD exec /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/logstash.conf

docker/elk/logstash/docker-compose.yml

@@ -1,4 +1,4 @@
-version: '2.2'
+version: '2.3'
 
 services:
 

docker/ews/dist/ews.cfg

@@ -85,7 +85,7 @@ logfile = /data/emobility/log/centralsystemEWS.log
 [CONPOT]
 conpot = true
 nodeid = conpot-community-01
-logfile = /data/conpot/log/conpot.json
+logfile = /data/conpot/log/conpot*.json
 
 [ELASTICPOT]
 elasticpot = true
@@ -111,3 +111,8 @@ logfile = /data/rdpy/log/rdpy.log
 vnclowpot = true
 nodeid = vnclowpot-community-01
 logfile = /data/vnclowpot/log/vnclowpot.log
+
+[HERALDING]
+heralding = true
+nodeid = heralding-community-01
+logfile = /data/heralding/log/auth.csv

docker/heralding/dist/heralding.yml

@@ -120,7 +120,7 @@ capabilities:
 
   https:
     enabled: true
-    port: 443
+    port: 8443
     timeout: 30
     protocol_specific_data:
       banner: ""

docker/heralding/docker-compose.yml

@@ -25,7 +25,7 @@ services:
      - "80:80"
      - "110:110"
      - "143:143"
-     - "443:443"
+       #     - "443:443"
      - "993:993"
      - "995:995"
      - "5432:5432"