diff --git a/CHANGELOG.md b/CHANGELOG.md index 6b572d8d..afe8a43f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,15 @@ # Changelog +## 20200904 +- **Release T-Pot 20.06.1** + - Github offers a free Docker Container Registry for public packages. For our Open Source projects we want to make sure to have everything in one place and thus moving from Docker Hub to the GitHub Container Registry. +- **Bump Elastic Stack** + - Update the Elastic Stack to 7.9.1. +- **Rebuild Images** + - All docker images were rebuilt based on the latest (and stable running) versions of the tools and honeypots and have been pinned to specific Alpine / Debian versions and git commits so rebuilds will less likely fail. +- **Cleaning up** + - Clean up old references and links. + ## 20200630 - **Release T-Pot 20.06** - After 4 months of public testing with the NextGen edition T-Pot 20.06 can finally be released. @@ -51,7 +61,7 @@ - **Update ISO image to fix upstream bug of missing kernel modules** - **Include dashboards for CitrixHoneypot** - Please run `/opt/tpot/update.sh` for the necessary modifications, omit the reboot and run `/opt/tpot/bin/tped.sh` to (re-)select the NextGen installation type. - - This update requires the latest Kibana objects as well. Download the latest from https://raw.githubusercontent.com/dtag-dev-sec/tpotce/master/etc/objects/kibana_export.json.zip, unzip and import the objects within Kibana WebUI > Management > Saved Objects > Export / Import". All objects will be overwritten upon import, make sure to run an export first. + - This update requires the latest Kibana objects as well. Download the latest from https://raw.githubusercontent.com/telekom-security/tpotce/master/etc/objects/kibana_export.json.zip, unzip and import the objects within Kibana WebUI > Management > Saved Objects > Export / Import". All objects will be overwritten upon import, make sure to run an export first. ## 20200115 - **Prepare integration of CitrixHoneypot** 
diff --git a/README.md b/README.md index 078e13d5..e6fcbe6b 100644 --- a/README.md +++ b/README.md @@ -40,7 +40,7 @@ Furthermore T-Pot includes the following tools # TL;DR 1. Meet the [system requirements](#requirements). The T-Pot installation needs at least 8 GB RAM and 128 GB free disk space as well as a working (outgoing non-filtered) internet connection. -2. Download the T-Pot ISO from [GitHub](https://github.com/dtag-dev-sec/tpotce/releases) or [create it yourself](#createiso). +2. Download the T-Pot ISO from [GitHub](https://github.com/telekom-security/tpotce/releases) or [create it yourself](#createiso). 3. Install the system in a [VM](#vm) or on [physical hardware](#hw) with [internet access](#placement). 4. Enjoy your favorite beverage - [watch](https://sicherheitstacho.eu) and [analyze](#kibana). @@ -132,7 +132,7 @@ The T-Pot project provides all the tools and documentation necessary to build yo The source code and configuration files are fully stored in the T-Pot GitHub repository. The docker images are preconfigured for the T-Pot environment. If you want to run the docker images separately, make sure you study the docker-compose configuration (`/opt/tpot/etc/tpot.yml`) and the T-Pot systemd script (`/etc/systemd/system/tpot.service`), as they provide a good starting point for implementing changes. -The individual docker configurations are located in the [docker folder](https://github.com/dtag-dev-sec/tpotce/tree/master/docker). +The individual docker configurations are located in the [docker folder](https://github.com/telekom-security/tpotce/tree/master/docker). # System Requirements 
@@ -183,18 +183,18 @@ There are prebuilt installation types available each focussing on different aspe # Installation The installation of T-Pot is straight forward and heavily depends on a working, transparent and non-proxied up and running internet connection. Otherwise the installation **will fail!** -Firstly, decide if you want to download the prebuilt installation ISO image from [GitHub](https://github.com/dtag-dev-sec/tpotce/releases), [create it yourself](#createiso) ***or*** [post-install on an existing Debian 10 (Buster)](#postinstall). +Firstly, decide if you want to download the prebuilt installation ISO image from [GitHub](https://github.com/telekom-security/tpotce/releases), [create it yourself](#createiso) ***or*** [post-install on an existing Debian 10 (Buster)](#postinstall). Secondly, decide where you the system to run: [real hardware](#hardware) or in a [virtual machine](#vm)? ## Prebuilt ISO Image -An installation ISO image is available for download (~50MB), which is created by the [ISO Creator](https://github.com/dtag-dev-sec/tpotce) you can use yourself in order to create your own image. It will basically just save you some time downloading components and creating the ISO image. -You can download the prebuilt installation ISO from [GitHub](https://github.com/dtag-dev-sec/tpotce/releases) and jump to the [installation](#vm) section. +An installation ISO image is available for download (~50MB), which is created by the [ISO Creator](https://github.com/telekom-security/tpotce) you can use yourself in order to create your own image. It will basically just save you some time downloading components and creating the ISO image. +You can download the prebuilt installation ISO from [GitHub](https://github.com/telekom-security/tpotce/releases) and jump to the [installation](#vm) section. 
## Create your own ISO Image -For transparency reasons and to give you the ability to customize your install you use the [ISO Creator](https://github.com/dtag-dev-sec/tpotce) that enables you to create your own ISO installation image. +For transparency reasons and to give you the ability to customize your install you use the [ISO Creator](https://github.com/telekom-security/tpotce) that enables you to create your own ISO installation image. **Requirements to create the ISO image:** - Debian 10 as host system (others *may* work, but *remain* untested) @@ -206,7 +206,7 @@ For transparency reasons and to give you the ability to customize your install y 1. Clone the repository and enter it. ``` -git clone https://github.com/dtag-dev-sec/tpotce +git clone https://github.com/telekom-security/tpotce cd tpotce ``` 2. Run the `makeiso.sh` script to build the ISO image. @@ -237,7 +237,7 @@ You can now jump [here](#firstrun). If you decide to run T-Pot on dedicated hardware, just follow these steps: 1. Burn a CD from the ISO image or make a bootable USB stick using the image.
-Whereas most CD burning tools allow you to burn from ISO images, the procedure to create a bootable USB stick from an ISO image depends on your system. There are various Windows GUI tools available, e.g. [this tip](http://www.ubuntu.com/download/desktop/create-a-usb-stick-on-windows) might help you.
On [Linux](http://askubuntu.com/questions/59551/how-to-burn-a-iso-to-a-usb-device) or [MacOS](http://www.ubuntu.com/download/desktop/create-a-usb-stick-on-mac-osx) you can use the tool *dd* or create the USB stick with T-Pot's [ISO Creator](https://github.com/dtag-dev-sec). +Whereas most CD burning tools allow you to burn from ISO images, the procedure to create a bootable USB stick from an ISO image depends on your system. There are various Windows GUI tools available, e.g. [this tip](http://www.ubuntu.com/download/desktop/create-a-usb-stick-on-windows) might help you.
On [Linux](http://askubuntu.com/questions/59551/how-to-burn-a-iso-to-a-usb-device) or [MacOS](http://www.ubuntu.com/download/desktop/create-a-usb-stick-on-mac-osx) you can use the tool *dd* or create the USB stick with T-Pot's [ISO Creator](https://github.com/telekom-security). 2. Boot from the USB stick and install. *Please note*: Limited tests are performed for the Intel NUC platform other hardware platforms **remain untested**. There is no hardware support provided of any kind. @@ -255,7 +255,7 @@ The T-Pot Universal Installer will upgrade the system and install all required T Just follow these steps: ``` -git clone https://github.com/dtag-dev-sec/tpotce +git clone https://github.com/telekom-security/tpotce cd tpotce/iso/installer/ ./install.sh --type=user ``` @@ -269,7 +269,7 @@ You can also let the installer run automatically if you provide your own `tpot.c Just follow these steps while adjusting `tpot.conf` to your needs: ``` -git clone https://github.com/dtag-dev-sec/tpotce +git clone https://github.com/telekom-security/tpotce cd tpotce/iso/installer/ cp tpot.conf.dist tpot.conf ./install.sh --type=auto --conf=tpot.conf @@ -436,7 +436,7 @@ You may opt out of the submission by removing the `# Ewsposter service` from `/o restart: always networks: - ewsposter_local - image: "dtagdevsec/ewsposter:2006" + image: "ghcr.io/telekom-security/ewsposter:2006" volumes: - /data:/data - /data/ews/conf/ews.ip:/opt/ewsposter/ews.ip @@ -466,7 +466,7 @@ As with every development there is always room for improvements ... Some features may be provided with updated docker images, others may require some hands on from your side. -You are always invited to participate in development on our [GitHub](https://github.com/dtag-dev-sec/tpotce) page. +You are always invited to participate in development on our [GitHub](https://github.com/telekom-security/tpotce) page. # Disclaimer 
@@ -478,18 +478,18 @@ You are always invited to participate in development on our [GitHub](https://git # FAQ -Please report any issues or questions on our [GitHub issue list](https://github.com/dtag-dev-sec/tpotce/issues), so the community can participate. +Please report any issues or questions on our [GitHub issue list](https://github.com/telekom-security/tpotce/issues), so the community can participate. # Contact The software is provided **as is** in a Community Edition format. T-Pot is designed to run out of the box and with zero maintenance involved.
-We hope you understand that we cannot provide support on an individual basis. We will try to address questions, bugs and problems on our [GitHub issue list](https://github.com/dtag-dev-sec/tpotce/issues). +We hope you understand that we cannot provide support on an individual basis. We will try to address questions, bugs and problems on our [GitHub issue list](https://github.com/telekom-security/tpotce/issues). # Licenses The software that T-Pot is built on uses the following licenses.
GPLv2: [conpot](https://github.com/mushorg/conpot/blob/master/LICENSE.txt), [dionaea](https://github.com/DinoTools/dionaea/blob/master/LICENSE), [honeysap](https://github.com/SecureAuthCorp/HoneySAP/blob/master/COPYING), [honeypy](https://github.com/foospidy/HoneyPy/blob/master/LICENSE), [honeytrap](https://github.com/armedpot/honeytrap/blob/master/LICENSE), [suricata](http://suricata-ids.org/about/open-source/) -
GPLv3: [adbhoney](https://github.com/huuck/ADBHoney), [elasticpot](https://gitlab.com/bontchev/elasticpot/-/blob/master/LICENSE), [ewsposter](https://github.com/dtag-dev-sec/ews/), [fatt](https://github.com/0x4D31/fatt/blob/master/LICENSE), [rdpy](https://github.com/citronneur/rdpy/blob/master/LICENSE), [heralding](https://github.com/johnnykv/heralding/blob/master/LICENSE.txt), [ipphoney](https://gitlab.com/bontchev/ipphoney/-/blob/master/LICENSE), [snare](https://github.com/mushorg/snare/blob/master/LICENSE), [tanner](https://github.com/mushorg/snare/blob/master/LICENSE) +
GPLv3: [adbhoney](https://github.com/huuck/ADBHoney), [elasticpot](https://gitlab.com/bontchev/elasticpot/-/blob/master/LICENSE), [ewsposter](https://github.com/telekom-security/ews/), [fatt](https://github.com/0x4D31/fatt/blob/master/LICENSE), [rdpy](https://github.com/citronneur/rdpy/blob/master/LICENSE), [heralding](https://github.com/johnnykv/heralding/blob/master/LICENSE.txt), [ipphoney](https://gitlab.com/bontchev/ipphoney/-/blob/master/LICENSE), [snare](https://github.com/mushorg/snare/blob/master/LICENSE), [tanner](https://github.com/mushorg/snare/blob/master/LICENSE)
Apache 2 License: [cyberchef](https://github.com/gchq/CyberChef/blob/master/LICENSE), [dicompot](https://github.com/nsmfoo/dicompot/blob/master/LICENSE), [elasticsearch](https://github.com/elasticsearch/elasticsearch/blob/master/LICENSE.txt), [logstash](https://github.com/elasticsearch/logstash/blob/master/LICENSE), [kibana](https://github.com/elasticsearch/kibana/blob/master/LICENSE.md), [docker](https://github.com/docker/docker/blob/master/LICENSE), [elasticsearch-head](https://github.com/mobz/elasticsearch-head/blob/master/LICENCE)
MIT license: [ciscoasa](https://github.com/Cymmetria/ciscoasa_honeypot/blob/master/LICENSE), [glutton](https://github.com/mushorg/glutton/blob/master/LICENSE)
Other: [citrixhoneypot](https://github.com/MalwareTech/CitrixHoneypot#licencing-agreement-malwaretech-public-licence), [cowrie](https://github.com/micheloosterhof/cowrie/blob/master/LICENSE.md), [mailoney](https://github.com/awhitehatter/mailoney), [Debian licensing](https://www.debian.org/legal/licenses/) diff --git a/bin/change_ews_config.sh b/bin/change_ews_config.sh index 6f9c25ba..5b660656 100755 --- a/bin/change_ews_config.sh +++ b/bin/change_ews_config.sh @@ -60,7 +60,7 @@ fi echo "" echo "[+] Creating config file with API UserID '$apiUser' and API Token '$apiToken'." echo "[+] Fetching config file from github. Outgoing https requests must be enabled!" -wget -q https://raw.githubusercontent.com/dtag-dev-sec/tpotce/master/docker/ews/dist/ews.cfg -O ews.cfg.dist +wget -q https://raw.githubusercontent.com/telekom-security/tpotce/master/docker/ews/dist/ews.cfg -O ews.cfg.dist if [[ -f "ews.cfg.dist" ]]; then echo "[+] Successfully downloaded ews.cfg from github." else diff --git a/cloud/ansible/README.md b/cloud/ansible/README.md index 15aed061..c517b6df 100644 --- a/cloud/ansible/README.md +++ b/cloud/ansible/README.md @@ -96,7 +96,7 @@ Import your SSH public key. # Clone Git Repository Clone the `tpotce` repository to your Ansible Master: -`git clone https://github.com/dtag-dev-sec/tpotce.git` +`git clone https://github.com/telekom-security/tpotce.git` All Ansible related files are located in the [`cloud/ansible/openstack`](openstack) folder. 
@@ -226,7 +226,7 @@ If you are running on a machine which asks for a sudo password, you can use: The Playbook will first install required packages on the Ansible Master and then deploy a new server instance. After that, T-Pot gets installed and configured on the newly created host, optionally custom configs are applied and finally it reboots. -Once this is done, you can proceed with connecting/logging in to the T-Pot according to the [documentation](https://github.com/dtag-dev-sec/tpotce#ssh-and-web-access). +Once this is done, you can proceed with connecting/logging in to the T-Pot according to the [documentation](https://github.com/telekom-security/tpotce#ssh-and-web-access). # Further documentation diff --git a/cloud/ansible/openstack/roles/install/tasks/main.yaml b/cloud/ansible/openstack/roles/install/tasks/main.yaml index 40977347..173c4f08 100644 --- a/cloud/ansible/openstack/roles/install/tasks/main.yaml +++ b/cloud/ansible/openstack/roles/install/tasks/main.yaml @@ -6,7 +6,7 @@ - name: Cloning T-Pot install directory git: - repo: "https://github.com/dtag-dev-sec/tpotce.git" + repo: "https://github.com/telekom-security/tpotce.git" dest: /root/tpot - name: Prepare to set user password diff --git a/cloud/terraform/cloud-init.yaml b/cloud/terraform/cloud-init.yaml index 123e1612..18d6621a 100644 --- a/cloud/terraform/cloud-init.yaml +++ b/cloud/terraform/cloud-init.yaml @@ -5,7 +5,7 @@ packages: - git runcmd: - - git clone https://github.com/dtag-dev-sec/tpotce /root/tpot + - git clone https://github.com/telekom-security/tpotce /root/tpot - /root/tpot/iso/installer/install.sh --type=auto --conf=/root/tpot.conf - rm /root/tpot.conf - /sbin/shutdown -r now diff --git a/doc/architecture.png b/doc/architecture.png index 2bebdf2c..51348088 100644 Binary files a/doc/architecture.png and b/doc/architecture.png differ diff --git a/docker/adbhoney/Dockerfile b/docker/adbhoney/Dockerfile index ba9a4a0f..e249b746 100644 --- a/docker/adbhoney/Dockerfile 
+++ b/docker/adbhoney/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Include dist ADD dist/ /root/dist/ @@ -13,7 +13,9 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ python3-dev && \ # # Install adbhoney from git - git clone --depth=1 https://github.com/huuck/ADBHoney /opt/adbhoney && \ + git clone https://github.com/huuck/ADBHoney /opt/adbhoney && \ + cd /opt/adbhoney && \ + git checkout ad7c17e78d01f6860d58ba826a4b6a4e4f83acbd && \ cp /root/dist/adbhoney.cfg /opt/adbhoney && \ sed -i 's/dst_ip/dest_ip/' /opt/adbhoney/adbhoney/core.py && \ sed -i 's/dst_port/dest_port/' /opt/adbhoney/adbhoney/core.py && \ diff --git a/docker/adbhoney/docker-compose.yml b/docker/adbhoney/docker-compose.yml index 58e62f11..03fb50f2 100644 --- a/docker/adbhoney/docker-compose.yml +++ b/docker/adbhoney/docker-compose.yml @@ -14,7 +14,7 @@ services: - adbhoney_local ports: - "5555:5555" - image: "dtagdevsec/adbhoney:2006" + image: "ghcr.io/telekom-security/adbhoney:2006" read_only: true volumes: - /data/adbhoney/log:/opt/adbhoney/log diff --git a/docker/ciscoasa/Dockerfile b/docker/ciscoasa/Dockerfile index 85dcaa71..57d7100f 100644 --- a/docker/ciscoasa/Dockerfile +++ b/docker/ciscoasa/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Include dist ADD dist/ /root/dist/ @@ -23,8 +23,9 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ # Get and install packages mkdir -p /opt/ && \ cd /opt/ && \ - git clone --depth=1 https://github.com/cymmetria/ciscoasa_honeypot && \ + git clone https://github.com/cymmetria/ciscoasa_honeypot && \ cd ciscoasa_honeypot && \ + git checkout d6e91f1aab7fe6fc01fabf2046e76b68dd6dc9e2 && \ pip3 install --no-cache-dir -r requirements.txt && \ cp /root/dist/asa_server.py /opt/ciscoasa_honeypot && \ chown -R ciscoasa:ciscoasa /opt/ciscoasa_honeypot && \ diff --git a/docker/ciscoasa/docker-compose.yml b/docker/ciscoasa/docker-compose.yml index bf85bc48..bb2a466f 100644 
--- a/docker/ciscoasa/docker-compose.yml +++ b/docker/ciscoasa/docker-compose.yml @@ -13,7 +13,7 @@ services: ports: - "5000:5000/udp" - "8443:8443" - image: "dtagdevsec/ciscoasa:2006" + image: "ghcr.io/telekom-security/ciscoasa:2006" read_only: true volumes: - /data/ciscoasa/log:/var/log/ciscoasa diff --git a/docker/citrixhoneypot/Dockerfile b/docker/citrixhoneypot/Dockerfile index 4326568a..7416f480 100644 --- a/docker/citrixhoneypot/Dockerfile +++ b/docker/citrixhoneypot/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Install packages RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ @@ -15,7 +15,9 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ # Install CitrixHoneypot from GitHub # git clone --depth=1 https://github.com/malwaretech/citrixhoneypot /opt/citrixhoneypot && \ # git clone --depth=1 https://github.com/vorband/CitrixHoneypot /opt/citrixhoneypot && \ - git clone --depth=1 https://github.com/t3chn0m4g3/CitrixHoneypot /opt/citrixhoneypot && \ + git clone https://github.com/t3chn0m4g3/CitrixHoneypot /opt/citrixhoneypot && \ + cd /opt/citrixhoneypot && \ + git checkout f59ad7320dc5bbb8c23c8baa5f111b52c52fbef3 && \ # # Setup user, groups and configs mkdir -p /opt/citrixhoneypot/logs /opt/citrixhoneypot/ssl && \ diff --git a/docker/citrixhoneypot/docker-compose.yml b/docker/citrixhoneypot/docker-compose.yml index 16eea88f..dd2c5d6c 100644 --- a/docker/citrixhoneypot/docker-compose.yml +++ b/docker/citrixhoneypot/docker-compose.yml @@ -14,7 +14,7 @@ services: - citrixhoneypot_local ports: - "443:443" - image: "dtagdevsec/citrixhoneypot:2006" + image: "ghcr.io/telekom-security/citrixhoneypot:2006" read_only: true volumes: - /data/citrixhoneypot/logs:/opt/citrixhoneypot/logs diff --git a/docker/conpot/Dockerfile b/docker/conpot/Dockerfile index e16be97e..11fc4b9f 100644 --- a/docker/conpot/Dockerfile +++ b/docker/conpot/Dockerfile 
@@ -41,7 +41,6 @@ RUN apk -U add \ sed -i 's/port="6230"/port="623"/' /opt/conpot/conpot/templates/ipmi/ipmi/ipmi.xml && \ pip3 install --no-cache-dir -U setuptools && \ pip3 install --no-cache-dir . && \ - pip3 install --no-cache-dir pysnmp-mibs && \ cd / && \ rm -rf /opt/conpot /tmp/* /var/tmp/* && \ setcap cap_net_bind_service=+ep /usr/bin/python3.8 && \ diff --git a/docker/conpot/docker-compose.yml b/docker/conpot/docker-compose.yml index 4b315497..57c7fd39 100644 --- a/docker/conpot/docker-compose.yml +++ b/docker/conpot/docker-compose.yml @@ -35,7 +35,7 @@ services: - "2121:21" - "44818:44818" - "47808:47808" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -58,7 +58,7 @@ services: ports: # - "161:161" - "2404:2404" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -80,7 +80,7 @@ services: - conpot_local_guardian_ast ports: - "10001:10001" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -102,7 +102,7 @@ services: - conpot_local_ipmi ports: - "623:623" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -125,7 +125,7 @@ services: ports: - "1025:1025" - "50100:50100" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot diff --git a/docker/cowrie/Dockerfile b/docker/cowrie/Dockerfile index d3aa058e..6b3f1cc6 100644 --- a/docker/cowrie/Dockerfile +++ b/docker/cowrie/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Include dist ADD dist/ /root/dist/ diff --git a/docker/cowrie/docker-compose.yml b/docker/cowrie/docker-compose.yml index 181a9bd7..1d232138 100644 
--- a/docker/cowrie/docker-compose.yml +++ b/docker/cowrie/docker-compose.yml @@ -18,7 +18,7 @@ services: ports: - "22:22" - "23:23" - image: "dtagdevsec/cowrie:2006" + image: "ghcr.io/telekom-security/cowrie:2006" read_only: true volumes: - /data/cowrie/downloads:/home/cowrie/cowrie/dl diff --git a/docker/cyberchef/Dockerfile b/docker/cyberchef/Dockerfile index 90258091..abc36bd7 100644 --- a/docker/cyberchef/Dockerfile +++ b/docker/cyberchef/Dockerfile @@ -13,7 +13,7 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ # # Install CyberChef cd /root && \ - git clone https://github.com/gchq/cyberchef --depth=1 && \ + git clone https://github.com/gchq/cyberchef -b v9.21.0 && \ chown -R nobody:nobody cyberchef && \ cd cyberchef && \ npm install && \ diff --git a/docker/cyberchef/docker-compose.yml b/docker/cyberchef/docker-compose.yml index 6bb8c3b9..e8a16d07 100644 --- a/docker/cyberchef/docker-compose.yml +++ b/docker/cyberchef/docker-compose.yml @@ -14,5 +14,5 @@ services: - cyberchef_local ports: - "127.0.0.1:64299:8000" - image: "dtagdevsec/cyberchef:2006" + image: "ghcr.io/telekom-security/cyberchef:2006" read_only: true diff --git a/docker/deprecated/elasticpot.old/README.md b/docker/deprecated/elasticpot.old/README.md index cbe64597..3556bc04 100644 --- a/docker/deprecated/elasticpot.old/README.md +++ b/docker/deprecated/elasticpot.old/README.md 
@@ -1,10 +1,10 @@ -[![](https://images.microbadger.com/badges/version/dtagdevsec/elasticpot:1903.svg)](https://microbadger.com/images/dtagdevsec/elasticpot:1903 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/dtagdevsec/elasticpot:1903.svg)](https://microbadger.com/images/dtagdevsec/elasticpot:1903 "Get your own image badge on microbadger.com") +[![](https://images.microbadger.com/badges/version/ghcr.io/telekom-security/elasticpot:1903.svg)](https://microbadger.com/images/ghcr.io/telekom-security/elasticpot:1903 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/ghcr.io/telekom-security/elasticpot:1903.svg)](https://microbadger.com/images/ghcr.io/telekom-security/elasticpot:1903 "Get your own image badge on microbadger.com") # elasticpot [elasticpot](https://github.com/schmalle/ElasticPot) is a simple elastic search honeypot. -This dockerized version is part of the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** of Deutsche Telekom AG. +This dockerized version is part of the **[T-Pot community honeypot](http://telekom-security.github.io/)** of Deutsche Telekom AG. The `Dockerfile` contains the blueprint for the dockerized elasticpot and will be used to setup the docker image. diff --git a/docker/deprecated/elasticpot.old/docker-compose.yml b/docker/deprecated/elasticpot.old/docker-compose.yml index a8fd3547..60992d17 100644 --- a/docker/deprecated/elasticpot.old/docker-compose.yml +++ b/docker/deprecated/elasticpot.old/docker-compose.yml @@ -14,7 +14,7 @@ services: - elasticpot_local ports: - "9200:9200" - image: "dtagdevsec/elasticpot:2006" + image: "ghcr.io/telekom-security/elasticpot:2006" read_only: true volumes: - /data/elasticpot/log:/opt/ElasticpotPY/log diff --git a/docker/deprecated/glastopf/README.md b/docker/deprecated/glastopf/README.md index 166c6998..1adf6c61 100644 --- a/docker/deprecated/glastopf/README.md 
+++ b/docker/deprecated/glastopf/README.md @@ -1,10 +1,10 @@ -[![](https://images.microbadger.com/badges/version/dtagdevsec/glastopf:1903.svg)](https://microbadger.com/images/dtagdevsec/glastopf:1903 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/dtagdevsec/glastopf:1903.svg)](https://microbadger.com/images/dtagdevsec/glastopf:1903 "Get your own image badge on microbadger.com") +[![](https://images.microbadger.com/badges/version/ghcr.io/telekom-security/glastopf:1903.svg)](https://microbadger.com/images/ghcr.io/telekom-security/glastopf:1903 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/ghcr.io/telekom-security/glastopf:1903.svg)](https://microbadger.com/images/ghcr.io/telekom-security/glastopf:1903 "Get your own image badge on microbadger.com") # glastopf (deprecated) [glastopf](https://github.com/mushorg/glastopf) is a python web application honeypot. -This dockerized version is part of the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** of Deutsche Telekom AG. +This dockerized version is part of the **[T-Pot community honeypot](http://telekom-security.github.io/)** of Deutsche Telekom AG. The `Dockerfile` contains the blueprint for the dockerized glastopf and will be used to setup the docker image. diff --git a/docker/deprecated/glastopf/docker-compose.yml b/docker/deprecated/glastopf/docker-compose.yml index 5d67d6fc..bb14a6d0 100644 --- a/docker/deprecated/glastopf/docker-compose.yml +++ b/docker/deprecated/glastopf/docker-compose.yml @@ -16,7 +16,7 @@ services: - glastopf_local ports: - "8081:80" - image: "dtagdevsec/glastopf:1903" + image: "ghcr.io/telekom-security/glastopf:1903" read_only: true volumes: - /data/glastopf/db:/tmp/glastopf/db diff --git a/docker/deprecated/hpfeeds/docker-compose.yml b/docker/deprecated/hpfeeds/docker-compose.yml index da104895..ce7bbaf5 100644 --- a/docker/deprecated/hpfeeds/docker-compose.yml 
+++ b/docker/deprecated/hpfeeds/docker-compose.yml @@ -16,4 +16,4 @@ services: - hpfeeds_local ports: - "20000:20000" - image: "dtagdevsec/hpfeeds:latest" + image: "ghcr.io/telekom-security/hpfeeds:latest" diff --git a/docker/deprecated/nginx/docker-compose.yml b/docker/deprecated/nginx/docker-compose.yml index 2443efe7..46430307 100644 --- a/docker/deprecated/nginx/docker-compose.yml +++ b/docker/deprecated/nginx/docker-compose.yml @@ -17,7 +17,7 @@ services: network_mode: "host" ports: - "64297:64297" - image: "dtagdevsec/nginx:1903" + image: "ghcr.io/telekom-security/nginx:1903" read_only: true volumes: - /data/nginx/cert/:/etc/nginx/cert/:ro diff --git a/docker/dicompot/Dockerfile b/docker/dicompot/Dockerfile index 7fc9c2b3..00a11c24 100644 --- a/docker/dicompot/Dockerfile +++ b/docker/dicompot/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Setup apk RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ @@ -14,6 +14,7 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ cd /opt/go/ && \ git clone https://github.com/nsmfoo/dicompot.git && \ cd dicompot && \ + git checkout 17cddd73896e94fdfbfeb920023ccaf5aad5abbd && \ go mod download && \ go install -a -x github.com/nsmfoo/dicompot/server && \ # diff --git a/docker/dicompot/docker-compose.yml b/docker/dicompot/docker-compose.yml index e06a4fad..5ae13067 100644 --- a/docker/dicompot/docker-compose.yml +++ b/docker/dicompot/docker-compose.yml @@ -17,7 +17,7 @@ services: - dicompot_local ports: - "11112:11112" - image: "dtagdevsec/dicompot:2006" + image: "ghcr.io/telekom-security/dicompot:2006" read_only: true volumes: - /data/dicompot/log:/var/log/dicompot diff --git a/docker/dionaea/docker-compose.yml b/docker/dionaea/docker-compose.yml index 07bd6336..372934aa 100644 --- a/docker/dionaea/docker-compose.yml +++ b/docker/dionaea/docker-compose.yml 
@@ -31,7 +31,7 @@ services: - "5060:5060/udp" - "5061:5061" - "27017:27017" - image: "dtagdevsec/dionaea:2006" + image: "ghcr.io/telekom-security/dionaea:2006" read_only: true volumes: - /data/dionaea/roots/ftp:/opt/dionaea/var/dionaea/roots/ftp diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 3bb1f328..bc6d9df1 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml 
@@ -10,98 +10,98 @@ services: # Adbhoney service adbhoney: build: adbhoney/. - image: "dtagdevsec/adbhoney:2006" + image: "ghcr.io/telekom-security/adbhoney:2006" # Ciscoasa service ciscoasa: build: ciscoasa/. - image: "dtagdevsec/ciscoasa:2006" + image: "ghcr.io/telekom-security/ciscoasa:2006" # CitrixHoneypot service citrixhoneypot: build: citrixhoneypot/. - image: "dtagdevsec/citrixhoneypot:2006" + image: "ghcr.io/telekom-security/citrixhoneypot:2006" # Conpot IEC104 service conpot_IEC104: build: conpot/. - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" # Cowrie service cowrie: build: cowrie/. - image: "dtagdevsec/cowrie:2006" + image: "ghcr.io/telekom-security/cowrie:2006" # Dicompot service dicompot: build: dicompot/. - image: "dtagdevsec/dicompot:2006" + image: "ghcr.io/telekom-security/dicompot:2006" # Dionaea service dionaea: build: dionaea/. - image: "dtagdevsec/dionaea:2006" + image: "ghcr.io/telekom-security/dionaea:2006" # ElasticPot service elasticpot: build: elasticpot/. - image: "dtagdevsec/elasticpot:2006" + image: "ghcr.io/telekom-security/elasticpot:2006" # Glutton service glutton: build: glutton/. - image: "dtagdevsec/glutton:2006" + image: "ghcr.io/telekom-security/glutton:2006" # Heralding service heralding: build: heralding/. - image: "dtagdevsec/heralding:2006" + image: "ghcr.io/telekom-security/heralding:2006" # HoneyPy service honeypy: build: honeypy/. - image: "dtagdevsec/honeypy:2006" + image: "ghcr.io/telekom-security/honeypy:2006" # Honeytrap service honeytrap: build: honeytrap/. - image: "dtagdevsec/honeytrap:2006" + image: "ghcr.io/telekom-security/honeytrap:2006" # Mailoney service mailoney: build: mailoney/. - image: "dtagdevsec/mailoney:2006" + image: "ghcr.io/telekom-security/mailoney:2006" # Medpot service medpot: build: medpot/. - image: "dtagdevsec/medpot:2006" + image: "ghcr.io/telekom-security/medpot:2006" # Rdpy service rdpy: build: rdpy/. 
- image: "dtagdevsec/rdpy:2006" + image: "ghcr.io/telekom-security/rdpy:2006" #### Snare / Tanner ## Tanner Redis Service tanner_redis: build: tanner/redis/. - image: "dtagdevsec/redis:2006" + image: "ghcr.io/telekom-security/redis:2006" ## PHP Sandbox service tanner_phpox: build: tanner/phpox/. - image: "dtagdevsec/phpox:2006" + image: "ghcr.io/telekom-security/phpox:2006" ## Tanner API Service tanner_api: build: tanner/tanner/. - image: "dtagdevsec/tanner:2006" + image: "ghcr.io/telekom-security/tanner:2006" ## Snare Service snare: build: tanner/snare/. - image: "dtagdevsec/snare:2006" + image: "ghcr.io/telekom-security/snare:2006" ################## @@ -111,17 +111,17 @@ services: # Fatt service fatt: build: fatt/. - image: "dtagdevsec/fatt:2006" + image: "ghcr.io/telekom-security/fatt:2006" # P0f service p0f: build: p0f/. - image: "dtagdevsec/p0f:2006" + image: "ghcr.io/telekom-security/p0f:2006" # Suricata service suricata: build: suricata/. - image: "dtagdevsec/suricata:2006" + image: "ghcr.io/telekom-security/suricata:2006" ################## 
@@ -131,40 +131,40 @@ services: # Cyberchef service cyberchef: build: cyberchef/. - image: "dtagdevsec/cyberchef:2006" + image: "ghcr.io/telekom-security/cyberchef:2006" #### ELK ## Elasticsearch service elasticsearch: build: elk/elasticsearch/. - image: "dtagdevsec/elasticsearch:2006" + image: "ghcr.io/telekom-security/elasticsearch:2006" ## Kibana service kibana: build: elk/kibana/. - image: "dtagdevsec/kibana:2006" + image: "ghcr.io/telekom-security/kibana:2006" ## Logstash service logstash: build: elk/logstash/. - image: "dtagdevsec/logstash:2006" + image: "ghcr.io/telekom-security/logstash:2006" ## Elasticsearch-head service head: build: elk/head/. - image: "dtagdevsec/head:2006" + image: "ghcr.io/telekom-security/head:2006" # Ewsposter service ewsposter: build: ews/. - image: "dtagdevsec/ewsposter:2006" + image: "ghcr.io/telekom-security/ewsposter:2006" # Nginx service nginx: build: heimdall/. - image: "dtagdevsec/nginx:2006" + image: "ghcr.io/telekom-security/nginx:2006" # Spiderfoot service spiderfoot: build: spiderfoot/. - image: "dtagdevsec/spiderfoot:2006" + image: "ghcr.io/telekom-security/spiderfoot:2006" diff --git a/docker/elasticpot/Dockerfile b/docker/elasticpot/Dockerfile index 52d74478..ad935053 100644 --- a/docker/elasticpot/Dockerfile +++ b/docker/elasticpot/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Include dist ADD dist/ /root/dist/ @@ -20,8 +20,9 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ python3-dev && \ mkdir -p /opt && \ cd /opt/ && \ - git clone --depth=1 https://gitlab.com/bontchev/elasticpot.git/ && \ + git clone https://gitlab.com/bontchev/elasticpot.git/ && \ cd elasticpot && \ + git checkout d12649730d819bd78ea622361b6c65120173ad45 && \ pip3 install -r requirements.txt && \ # # Setup user, groups and configs diff --git a/docker/elasticpot/docker-compose.yml b/docker/elasticpot/docker-compose.yml index 16ce22cf..e8d3e67d 100644 --- a/docker/elasticpot/docker-compose.yml 
+++ b/docker/elasticpot/docker-compose.yml @@ -14,7 +14,7 @@ services: - elasticpot_local ports: - "9200:9200" - image: "dtagdevsec/elasticpot:2006" + image: "ghcr.io/telekom-security/elasticpot:2006" read_only: true volumes: - /data/elasticpot/log:/opt/elasticpot/log diff --git a/docker/elk/docker-compose.yml b/docker/elk/docker-compose.yml index 09d59dbb..c49be155 100644 --- a/docker/elk/docker-compose.yml +++ b/docker/elk/docker-compose.yml @@ -24,7 +24,7 @@ services: mem_limit: 4g ports: - "127.0.0.1:64298:9200" - image: "dtagdevsec/elasticsearch:2006" + image: "ghcr.io/telekom-security/elasticsearch:2006" volumes: - /data:/data @@ -39,7 +39,7 @@ services: condition: service_healthy ports: - "127.0.0.1:64296:5601" - image: "dtagdevsec/kibana:2006" + image: "ghcr.io/telekom-security/kibana:2006" ## Logstash service logstash: @@ -53,7 +53,7 @@ services: condition: service_healthy env_file: - /opt/tpot/etc/compose/elk_environment - image: "dtagdevsec/logstash:2006" + image: "ghcr.io/telekom-security/logstash:2006" volumes: - /data:/data # - /root/tpotce/docker/elk/logstash/dist/logstash.conf:/etc/logstash/conf.d/logstash.conf @@ -68,5 +68,5 @@ services: condition: service_healthy ports: - "127.0.0.1:64302:9100" - image: "dtagdevsec/head:2006" + image: "ghcr.io/telekom-security/head:2006" read_only: true diff --git a/docker/elk/elasticsearch/Dockerfile b/docker/elk/elasticsearch/Dockerfile index 89d19c4c..7d35544a 100644 --- a/docker/elk/elasticsearch/Dockerfile +++ b/docker/elk/elasticsearch/Dockerfile @@ -1,7 +1,7 @@ FROM alpine:3.12 # # VARS -ENV ES_VER=7.9.0 \ +ENV ES_VER=7.9.1 \ JAVA_HOME=/usr/lib/jvm/java-11-openjdk # Include dist ADD dist/ /root/dist/ diff --git a/docker/elk/elasticsearch/docker-compose.yml b/docker/elk/elasticsearch/docker-compose.yml index 3f51dcb5..0cf2ccf6 100644 --- a/docker/elk/elasticsearch/docker-compose.yml +++ b/docker/elk/elasticsearch/docker-compose.yml 
@@ -24,6 +24,6 @@ services: mem_limit: 2g ports: - "127.0.0.1:64298:9200" - image: "dtagdevsec/elasticsearch:2006" + image: "ghcr.io/telekom-security/elasticsearch:2006" volumes: - /data:/data diff --git a/docker/elk/head/Dockerfile b/docker/elk/head/Dockerfile index e1022f55..9a81ea4e 100644 --- a/docker/elk/head/Dockerfile +++ b/docker/elk/head/Dockerfile @@ -10,7 +10,8 @@ RUN apk -U add \ # Get and install packages mkdir -p /usr/src/app/ && \ cd /usr/src/app/ && \ - git clone --depth=1 https://github.com/mobz/elasticsearch-head . && \ + git clone https://github.com/mobz/elasticsearch-head . && \ + git checkout d0a25608854479f0b3f2dca24e8039a2fd66b0e2 && \ npm install http-server && \ sed -i "s#\"http\:\/\/localhost\:9200\"#window.location.protocol \+ \'\/\/\' \+ window.location.hostname \+ \'\:\' \+ window.location.port \+ \'\/es\/\'#" /usr/src/app/_site/app.js && \ # diff --git a/docker/elk/head/docker-compose.yml b/docker/elk/head/docker-compose.yml index 5cfaafdb..3c0bf2a3 100644 --- a/docker/elk/head/docker-compose.yml +++ b/docker/elk/head/docker-compose.yml @@ -12,5 +12,5 @@ services: # condition: service_healthy ports: - "127.0.0.1:64302:9100" - image: "dtagdevsec/head:2006" + image: "ghcr.io/telekom-security/head:2006" read_only: true diff --git a/docker/elk/kibana/Dockerfile b/docker/elk/kibana/Dockerfile index 3c7d9db9..d910ad3d 100644 --- a/docker/elk/kibana/Dockerfile +++ b/docker/elk/kibana/Dockerfile @@ -1,7 +1,7 @@ -FROM node:10.21.0-alpine +FROM node:10.22.0-alpine # # VARS -ENV KB_VER=7.9.0 +ENV KB_VER=7.9.1 # # Include dist ADD dist/ /root/dist/ diff --git a/docker/elk/kibana/docker-compose.yml b/docker/elk/kibana/docker-compose.yml index 2f464089..e00ddc33 100644 --- a/docker/elk/kibana/docker-compose.yml +++ b/docker/elk/kibana/docker-compose.yml @@ -12,4 +12,4 @@ services: # condition: service_healthy ports: - "127.0.0.1:64296:5601" - image: "dtagdevsec/kibana:2006" + image: "ghcr.io/telekom-security/kibana:2006" 
diff --git a/docker/elk/logstash/Dockerfile b/docker/elk/logstash/Dockerfile index 16e22035..5ce52d3b 100644 --- a/docker/elk/logstash/Dockerfile +++ b/docker/elk/logstash/Dockerfile @@ -1,7 +1,7 @@ FROM alpine:3.12 # # VARS -ENV LS_VER=7.9.0 +ENV LS_VER=7.9.1 # Include dist ADD dist/ /root/dist/ # diff --git a/docker/elk/logstash/docker-compose.yml b/docker/elk/logstash/docker-compose.yml index ed94864b..187a30bb 100644 --- a/docker/elk/logstash/docker-compose.yml +++ b/docker/elk/logstash/docker-compose.yml @@ -14,7 +14,7 @@ services: # condition: service_healthy env_file: - /opt/tpot/etc/compose/elk_environment - image: "dtagdevsec/logstash:2006" + image: "ghcr.io/telekom-security/logstash:2006" volumes: - /data:/data # - /root/tpotce/docker/elk/logstash/dist/logstash.conf:/etc/logstash/conf.d/logstash.conf diff --git a/docker/ews/Dockerfile b/docker/ews/Dockerfile index 27cee956..aae573ee 100644 --- a/docker/ews/Dockerfile +++ b/docker/ews/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Include dist ADD dist/ /root/dist/ @@ -23,7 +23,9 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ pip3 install --no-cache-dir configparser hpfeeds3 pyOpenSSL xmljson && \ # # Setup ewsposter - git clone --depth=1 https://github.com/dtag-dev-sec/ewsposter /opt/ewsposter && \ + git clone https://github.com/telekom-security/ewsposter /opt/ewsposter && \ + cd /opt/ewsposter && \ + git checkout f9c0623d44a837f666ec39659665020c7460dec8 && \ mkdir -p /opt/ewsposter/spool /opt/ewsposter/log && \ # # Setup user and groups diff --git a/docker/ews/docker-compose.yml b/docker/ews/docker-compose.yml index 1900e1d3..c8885143 100644 --- a/docker/ews/docker-compose.yml +++ b/docker/ews/docker-compose.yml @@ -23,7 +23,7 @@ services: - EWS_HPFEEDS_FORMAT=json env_file: - /opt/tpot/etc/compose/elk_environment - image: "dtagdevsec/ewsposter:2006" + image: "ghcr.io/telekom-security/ewsposter:2006" volumes: - /data:/data - /data/ews/conf/ews.ip:/opt/ewsposter/ews.ip 
diff --git a/docker/fatt/Dockerfile b/docker/fatt/Dockerfile index 30864c2c..7247823d 100644 --- a/docker/fatt/Dockerfile +++ b/docker/fatt/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Include dist #ADD dist/ /root/dist/ @@ -21,8 +21,9 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ # Install fatt mkdir -p /opt && \ cd /opt && \ - git clone --depth=1 https://github.com/0x4D31/fatt && \ + git clone https://github.com/0x4D31/fatt && \ cd fatt && \ + git checkout 314cd1ff7873b5a145a51ec4e85f6107828a2c79 && \ mkdir -p log && \ pip3 install pyshark==0.4.2.2 && \ # diff --git a/docker/fatt/docker-compose.yml b/docker/fatt/docker-compose.yml index 1550ed3a..39ad84f8 100644 --- a/docker/fatt/docker-compose.yml +++ b/docker/fatt/docker-compose.yml @@ -12,6 +12,6 @@ services: - NET_ADMIN - SYS_NICE - NET_RAW - image: "dtagdevsec/fatt:2006" + image: "ghcr.io/telekom-security/fatt:2006" volumes: - /data/fatt/log:/opt/fatt/log diff --git a/docker/glutton/Dockerfile b/docker/glutton/Dockerfile index 34c51835..7322eb54 100644 --- a/docker/glutton/Dockerfile +++ b/docker/glutton/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Include dist ADD dist/ /root/dist/ @@ -22,6 +22,7 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ cd /opt/go/ && \ git clone https://github.com/mushorg/glutton && \ cd /opt/go/glutton/ && \ + git checkout 08f364fff489a82667866ecff2bcc4815569a0c8 && \ mv /root/dist/system.go /opt/go/glutton/ && \ go mod download && \ make build && \ diff --git a/docker/glutton/docker-compose.yml b/docker/glutton/docker-compose.yml index 68843e9d..3d050516 100644 --- a/docker/glutton/docker-compose.yml +++ b/docker/glutton/docker-compose.yml @@ -13,7 +13,7 @@ services: network_mode: "host" cap_add: - NET_ADMIN - image: "dtagdevsec/glutton:2006" + image: "ghcr.io/telekom-security/glutton:2006" read_only: true volumes: - /data/glutton/log:/var/log/glutton 
diff --git a/docker/heimdall/Dockerfile b/docker/heimdall/Dockerfile index cc5154d6..f3d01ab9 100644 --- a/docker/heimdall/Dockerfile +++ b/docker/heimdall/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Include dist ADD dist/ /root/dist/ @@ -28,6 +28,9 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ # # Clone and setup Heimdall, Nginx git clone https://github.com/linuxserver/heimdall && \ + cd heimdall && \ + git checkout 3a9bdd2c431d70803b259990fa4d81db4b06dba4 && \ + cd .. && \ cp -R heimdall/. /var/lib/nginx/html && \ rm -rf heimdall && \ cd /var/lib/nginx/html && \ diff --git a/docker/heimdall/dist/app/app.sqlite b/docker/heimdall/dist/app/app.sqlite index 5447bd06..827ac16d 100755 Binary files a/docker/heimdall/dist/app/app.sqlite and b/docker/heimdall/dist/app/app.sqlite differ diff --git a/docker/heimdall/docker-compose.yml b/docker/heimdall/docker-compose.yml index 98346f10..a879a991 100644 --- a/docker/heimdall/docker-compose.yml +++ b/docker/heimdall/docker-compose.yml @@ -26,7 +26,7 @@ services: ports: - "64297:64297" - "127.0.0.1:64304:64304" - image: "dtagdevsec/nginx:2006" + image: "ghcr.io/telekom-security/nginx:2006" read_only: true volumes: - /data/nginx/cert/:/etc/nginx/cert/:ro diff --git a/docker/heralding/Dockerfile b/docker/heralding/Dockerfile index ce3eb6ea..7f593621 100644 --- a/docker/heralding/Dockerfile +++ b/docker/heralding/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Include dist ADD dist/ /root/dist/ @@ -21,8 +21,9 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ # Setup heralding mkdir -p /opt && \ cd /opt/ && \ - git clone --depth=1 https://github.com/johnnykv/heralding && \ + git clone https://github.com/johnnykv/heralding && \ cd heralding && \ + git checkout bc1320e2d056c730c821cd42a19a262bfceebfd7 && \ pip3 install --no-cache-dir -r requirements.txt && \ pip3 install --no-cache-dir . && \ # 
diff --git a/docker/heralding/docker-compose.yml b/docker/heralding/docker-compose.yml index 15f92661..945cb0c3 100644 --- a/docker/heralding/docker-compose.yml +++ b/docker/heralding/docker-compose.yml @@ -30,7 +30,7 @@ services: - "3389:3389" - "5432:5432" - "5900:5900" - image: "dtagdevsec/heralding:2006" + image: "ghcr.io/telekom-security/heralding:2006" read_only: true volumes: - /data/heralding/log:/var/log/heralding diff --git a/docker/honeypy/Dockerfile b/docker/honeypy/Dockerfile index 833aa2e4..e796f446 100644 --- a/docker/honeypy/Dockerfile +++ b/docker/honeypy/Dockerfile @@ -17,8 +17,9 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ pip install --no-cache-dir virtualenv && \ # # Clone honeypy from git - git clone --depth=1 https://github.com/foospidy/HoneyPy /opt/honeypy && \ + git clone https://github.com/foospidy/HoneyPy /opt/honeypy && \ cd /opt/honeypy && \ + git checkout feccab56ca922bcab01cac4ffd82f588d61ab1c5 && \ sed -i 's/local_host/dest_ip/g' /opt/honeypy/loggers/file/honeypy_file.py && \ sed -i 's/local_port/dest_port/g' /opt/honeypy/loggers/file/honeypy_file.py && \ sed -i 's/remote_host/src_ip/g' /opt/honeypy/loggers/file/honeypy_file.py && \ diff --git a/docker/honeypy/docker-compose.yml b/docker/honeypy/docker-compose.yml index dd12fa2d..caa6c928 100644 --- a/docker/honeypy/docker-compose.yml +++ b/docker/honeypy/docker-compose.yml @@ -20,7 +20,7 @@ services: - "2324:2324" - "4096:4096" - "9200:9200" - image: "dtagdevsec/honeypy:2006" + image: "ghcr.io/telekom-security/honeypy:2006" read_only: true volumes: - /data/honeypy/log:/opt/honeypy/log diff --git a/docker/honeysap/Dockerfile b/docker/honeysap/Dockerfile index 01c280a6..d6c2e4d1 100644 --- a/docker/honeysap/Dockerfile +++ b/docker/honeysap/Dockerfile 
@@ -18,6 +18,7 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ # git clone --depth=1 https://github.com/SecureAuthCorp/HoneySAP /opt/honeysap && \ git clone --depth=1 https://github.com/t3chn0m4g3/HoneySAP /opt/honeysap && \ cd /opt/honeysap && \ + git checkout a3c355a710d399de9d543659a685effaa70e683d && \ mkdir conf && \ cp /root/dist/* conf/ && \ python setup.py install && \ diff --git a/docker/honeysap/docker-compose.yml b/docker/honeysap/docker-compose.yml index 830a8c0b..032f5607 100644 --- a/docker/honeysap/docker-compose.yml +++ b/docker/honeysap/docker-compose.yml @@ -14,6 +14,6 @@ services: - honeysap_local ports: - "3299:3299" - image: "dtagdevsec/honeysap:2006" + image: "ghcr.io/telekom-security/honeysap:2006" volumes: - /data/honeysap/log:/opt/honeysap/log diff --git a/docker/honeytrap/Dockerfile b/docker/honeytrap/Dockerfile index 80df2fdd..e2507ffb 100644 --- a/docker/honeytrap/Dockerfile +++ b/docker/honeytrap/Dockerfile @@ -29,6 +29,7 @@ RUN apt-get update -y && \ git clone https://github.com/armedpot/honeytrap /root/honeytrap && \ # git clone https://github.com/t3chn0m4g3/honeytrap /root/honeytrap && \ cd /root/honeytrap/ && \ + git checkout 9aa4f734f2ea2f0da790b02d79afe18204a23982 && \ autoreconf -vfi && \ ./configure \ --with-stream-mon=nfq \ diff --git a/docker/honeytrap/docker-compose.yml b/docker/honeytrap/docker-compose.yml index 7573b3d5..e049e86e 100644 --- a/docker/honeytrap/docker-compose.yml +++ b/docker/honeytrap/docker-compose.yml @@ -12,7 +12,7 @@ services: network_mode: "host" cap_add: - NET_ADMIN - image: "dtagdevsec/honeytrap:2006" + image: "ghcr.io/telekom-security/honeytrap:2006" read_only: true volumes: - /data/honeytrap/attacks:/opt/honeytrap/var/attacks diff --git a/docker/ipphoney/Dockerfile b/docker/ipphoney/Dockerfile index dfad9560..e51589be 100644 --- a/docker/ipphoney/Dockerfile +++ b/docker/ipphoney/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Include dist ADD dist/ /root/dist/ 
@@ -21,8 +21,9 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ python3-dev && \ mkdir -p /opt && \ cd /opt/ && \ - git clone --depth=1 https://gitlab.com/bontchev/ipphoney.git/ && \ + git clone https://gitlab.com/bontchev/ipphoney.git/ && \ cd ipphoney && \ + git checkout db8c6e91bff27b5c376339c5effbb45355897ab5 && \ pip3 install -r requirements.txt && \ setcap cap_net_bind_service=+ep /usr/bin/python3.8 && \ # diff --git a/docker/ipphoney/docker-compose.yml b/docker/ipphoney/docker-compose.yml index 69328fc0..53f7e681 100644 --- a/docker/ipphoney/docker-compose.yml +++ b/docker/ipphoney/docker-compose.yml @@ -14,7 +14,7 @@ services: - ipphoney_local ports: - "631:631" - image: "dtagdevsec/ipphoney:2006" + image: "ghcr.io/telekom-security/ipphoney:2006" read_only: true volumes: - /data/ipphoney/log:/opt/ipphoney/log diff --git a/docker/mailoney/Dockerfile b/docker/mailoney/Dockerfile index 2c6efd6b..2376f854 100644 --- a/docker/mailoney/Dockerfile +++ b/docker/mailoney/Dockerfile @@ -13,8 +13,9 @@ RUN apk -U --no-cache add \ python-dev && \ # # Install libemu - git clone --depth=1 https://github.com/buffer/libemu /root/libemu/ && \ + git clone https://github.com/buffer/libemu /root/libemu/ && \ cd /root/libemu/ && \ + git checkout e2624361e13588da74a2ce3e1dea0abb59dcf1d0 && \ autoreconf -vi && \ ./configure && \ make && \ @@ -26,7 +27,9 @@ RUN apk -U --no-cache add \ pylibemu && \ # # Install mailoney from git - git clone --depth=1 https://github.com/t3chn0m4g3/mailoney /opt/mailoney && \ + git clone https://github.com/t3chn0m4g3/mailoney /opt/mailoney && \ + cd /opt/mailoney && \ + git checkout 85c37649a99e1cec3f8d48d509653c9a8127ea4f && \ # # Setup user, groups and configs addgroup -g 2000 mailoney && \ diff --git a/docker/mailoney/docker-compose.yml b/docker/mailoney/docker-compose.yml index c5979e6b..5b131acd 100644 --- a/docker/mailoney/docker-compose.yml +++ b/docker/mailoney/docker-compose.yml 
@@ -20,7 +20,7 @@ services: - mailoney_local ports: - "25:25" - image: "dtagdevsec/mailoney:2006" + image: "ghcr.io/telekom-security/mailoney:2006" read_only: true volumes: - /data/mailoney/log:/opt/mailoney/logs diff --git a/docker/medpot/Dockerfile b/docker/medpot/Dockerfile index 05ea54d6..8dd1a1d4 100644 --- a/docker/medpot/Dockerfile +++ b/docker/medpot/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Setup apk RUN apk -U --no-cache add \ @@ -12,6 +12,9 @@ RUN apk -U --no-cache add \ mkdir -p /opt/go/src && \ cd /opt/go/src && \ git clone https://github.com/schmalle/medpot && \ + cd medpot && \ + git checkout 75a2e6134cf926c35b6017d62542274434c87388 && \ + cd .. && \ go get -d -v github.com/davecgh/go-spew/spew && \ go get -d -v github.com/go-ini/ini && \ go get -d -v github.com/mozillazg/request && \ diff --git a/docker/medpot/docker-compose.yml b/docker/medpot/docker-compose.yml index a5565475..6d6490b1 100644 --- a/docker/medpot/docker-compose.yml +++ b/docker/medpot/docker-compose.yml @@ -14,7 +14,7 @@ services: - medpot_local ports: - "2575:2575" - image: "dtagdevsec/medpot:2006" + image: "ghcr.io/telekom-security/medpot:2006" read_only: true volumes: - /data/medpot/log/:/var/log/medpot diff --git a/docker/p0f/Dockerfile b/docker/p0f/Dockerfile index 6568b41f..5da6b822 100644 --- a/docker/p0f/Dockerfile +++ b/docker/p0f/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Add source ADD . /opt/p0f @@ -29,7 +29,7 @@ RUN apk -U --no-cache add \ rm -rf /root/* && \ rm -rf /var/cache/apk/* # -# Start suricata +# Start p0f WORKDIR /opt/p0f USER p0f:p0f CMD exec /opt/p0f/p0f -u p0f -j -o /var/log/p0f/p0f.json -i $(/sbin/ip address | grep '^2: ' | awk '{ print $2 }' | tr -d [:punct:]) > /dev/null diff --git a/docker/p0f/README.md b/docker/p0f/README.md deleted file mode 100644 index c3af5e3c..00000000 --- a/docker/p0f/README.md +++ /dev/null 
@@ -1,11 +0,0 @@ -[![](https://images.microbadger.com/badges/version/dtagdevsec/p0f:1804.svg)](https://microbadger.com/images/dtagdevsec/p0f:1804 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/dtagdevsec/p0f:1804.svg)](https://microbadger.com/images/dtagdevsec/p0f:1804 "Get your own image badge on microbadger.com") - -# p0f - -[p0f](http://lcamtuf.coredump.cx/p0f3/) P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. - -This dockerized version is part of the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** of Deutsche Telekom AG. - -The `Dockerfile` contains the blueprint for the dockerized p0f and will be used to setup the docker image. - -The `docker-compose.yml` contains the necessary settings to test p0f using `docker-compose`. This will ensure to start the docker container with the appropriate permissions and port mappings. diff --git a/docker/p0f/docker-compose.yml b/docker/p0f/docker-compose.yml index 0b1329b8..f3f18081 100644 --- a/docker/p0f/docker-compose.yml +++ b/docker/p0f/docker-compose.yml @@ -8,7 +8,7 @@ services: container_name: p0f restart: always network_mode: "host" - image: "dtagdevsec/p0f:2006" + image: "ghcr.io/telekom-security/p0f:2006" read_only: true volumes: - /data/p0f/log:/var/log/p0f diff --git a/docker/rdpy/Dockerfile b/docker/rdpy/Dockerfile index 700039f9..c15b58f0 100644 --- a/docker/rdpy/Dockerfile +++ b/docker/rdpy/Dockerfile 
@@ -34,8 +34,9 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ # Install rdpy from git mkdir -p /opt && \ cd /opt && \ - git clone --depth=1 https://github.com/t3chn0m4g3/rdpy && \ + git clone https://github.com/t3chn0m4g3/rdpy && \ cd rdpy && \ + git checkout 1d2a4132aefe0637d09cac1a6ab83ec5391f40ca && \ python setup.py install && \ # # Setup user, groups and configs diff --git a/docker/rdpy/docker-compose.yml b/docker/rdpy/docker-compose.yml index c991c270..8912b3f1 100644 --- a/docker/rdpy/docker-compose.yml +++ b/docker/rdpy/docker-compose.yml @@ -22,7 +22,7 @@ services: - rdpy_local ports: - "3389:3389" - image: "dtagdevsec/rdpy:2006" + image: "ghcr.io/telekom-security/rdpy:2006" read_only: true volumes: - /data/rdpy/log:/var/log/rdpy diff --git a/docker/spiderfoot/Dockerfile b/docker/spiderfoot/Dockerfile index 5462e68a..42380135 100644 --- a/docker/spiderfoot/Dockerfile +++ b/docker/spiderfoot/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Get and install dependencies & packages RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ diff --git a/docker/spiderfoot/docker-compose.yml b/docker/spiderfoot/docker-compose.yml index efc808c9..0e90c8ba 100644 --- a/docker/spiderfoot/docker-compose.yml +++ b/docker/spiderfoot/docker-compose.yml @@ -14,6 +14,6 @@ services: - spiderfoot_local ports: - "127.0.0.1:64303:8080" - image: "dtagdevsec/spiderfoot:2006" + image: "ghcr.io/telekom-security/spiderfoot:2006" volumes: - /data/spiderfoot/spiderfoot.db:/home/spiderfoot/spiderfoot.db diff --git a/docker/suricata/Dockerfile b/docker/suricata/Dockerfile index 3d9196cb..97346747 100644 --- a/docker/suricata/Dockerfile +++ b/docker/suricata/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Include dist ADD dist/ /root/dist/ 
@@ -9,6 +9,7 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ ca-certificates \ curl \ file \ + hiredis \ libcap \ wget && \ apk -U add --repository http://dl-cdn.alpinelinux.org/alpine/edge/community \ diff --git a/docker/suricata/docker-compose.yml b/docker/suricata/docker-compose.yml index 4568fba9..9b7434c4 100644 --- a/docker/suricata/docker-compose.yml +++ b/docker/suricata/docker-compose.yml @@ -15,6 +15,6 @@ services: - NET_ADMIN - SYS_NICE - NET_RAW - image: "dtagdevsec/suricata:2006" + image: "ghcr.io/telekom-security/suricata:2006" volumes: - /data/suricata/log:/var/log/suricata diff --git a/docker/tanner/docker-compose.yml b/docker/tanner/docker-compose.yml index b70977a3..ff2e4bec 100644 --- a/docker/tanner/docker-compose.yml +++ b/docker/tanner/docker-compose.yml @@ -14,7 +14,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/redis:2006" + image: "ghcr.io/telekom-security/redis:2006" read_only: true # PHP Sandbox service @@ -28,7 +28,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/phpox:2006" + image: "ghcr.io/telekom-security/phpox:2006" read_only: true # Tanner API Service @@ -42,7 +42,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/tanner:2006" + image: "ghcr.io/telekom-security/tanner:2006" read_only: true volumes: - /data/tanner/log:/var/log/tanner @@ -63,7 +63,7 @@ services: - tanner_local # ports: # - "127.0.0.1:8091:8091" - image: "dtagdevsec/tanner:2006" + image: "ghcr.io/telekom-security/tanner:2006" command: tannerweb read_only: true volumes: @@ -82,7 +82,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/tanner:2006" + image: "ghcr.io/telekom-security/tanner:2006" command: tanner read_only: true volumes: @@ -104,6 +104,6 @@ services: - tanner_local ports: - "80:80" - image: "dtagdevsec/snare:2006" + image: "ghcr.io/telekom-security/snare:2006" depends_on: - tanner 
diff --git a/docker/tanner/phpox/Dockerfile b/docker/tanner/phpox/Dockerfile index 621f4495..c3a4eb70 100644 --- a/docker/tanner/phpox/Dockerfile +++ b/docker/tanner/phpox/Dockerfile @@ -15,8 +15,9 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ re2c && \ # # Install bfr sandbox from git - git clone --depth=1 https://github.com/mushorg/BFR /opt/BFR && \ + git clone https://github.com/mushorg/BFR /opt/BFR && \ cd /opt/BFR && \ + git checkout 508729202428a35bcc6bb27dd97b831f7e5009b5 && \ phpize7 && \ ./configure \ --with-php-config=/usr/bin/php-config7 \ @@ -28,8 +29,9 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ echo "zend_extension = "$(find /usr -name bfr.so) >> /etc/php7/php.ini && \ # # Install PHP Sandbox - git clone --depth=1 https://github.com/mushorg/phpox /opt/phpox && \ + git clone https://github.com/mushorg/phpox /opt/phpox && \ cd /opt/phpox && \ + git checkout 001437b9ed3e228fac3828e18fe90991a330578d && \ pip3 install -r requirements.txt && \ make && \ # diff --git a/docker/tanner/snare/Dockerfile b/docker/tanner/snare/Dockerfile index 6dfe6375..cd462496 100644 --- a/docker/tanner/snare/Dockerfile +++ b/docker/tanner/snare/Dockerfile @@ -13,8 +13,9 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ python3-dev && \ # # Setup Snare - git clone --depth=1 https://github.com/mushorg/snare /opt/snare && \ + git clone https://github.com/mushorg/snare /opt/snare && \ cd /opt/snare/ && \ + git checkout 7762b762b272f0599c16e11ef997c37d2899d33e && \ pip3 install --no-cache-dir setuptools && \ pip3 install --no-cache-dir -r requirements.txt && \ python3 setup.py install && \ diff --git a/docker/tanner/tanner/Dockerfile b/docker/tanner/tanner/Dockerfile index cdc1885a..6badbd0c 100644 --- a/docker/tanner/tanner/Dockerfile +++ b/docker/tanner/tanner/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.12 # # Include dist ADD dist/ /root/dist/ 
@@ -18,10 +18,11 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \ python3-dev && \ # # Setup Tanner - git clone --depth=1 https://github.com/mushorg/tanner /opt/tanner && \ + git clone https://github.com/mushorg/tanner /opt/tanner && \ cd /opt/tanner/ && \ # git fetch origin pull/364/head:test && \ # git checkout test && \ + git checkout 40e2357119065445cbb06234e953a95e5a73ce93 && \ cp /root/dist/config.yaml /opt/tanner/tanner/data && \ pip3 install --no-cache-dir setuptools && \ pip3 install --no-cache-dir -r requirements.txt && \ diff --git a/etc/compose/collector.yml b/etc/compose/collector.yml index 1827e2fe..6c16cf6c 100644 --- a/etc/compose/collector.yml +++ b/etc/compose/collector.yml @@ -38,7 +38,7 @@ services: - "3389:3389" - "5432:5432" - "5900:5900" - image: "dtagdevsec/heralding:2006" + image: "ghcr.io/telekom-security/heralding:2006" read_only: true volumes: - /data/heralding/log:/var/log/heralding @@ -52,7 +52,7 @@ services: network_mode: "host" cap_add: - NET_ADMIN - image: "dtagdevsec/honeytrap:2006" + image: "ghcr.io/telekom-security/honeytrap:2006" read_only: true volumes: - /data/honeytrap/attacks:/opt/honeytrap/var/attacks @@ -73,7 +73,7 @@ services: - NET_ADMIN - SYS_NICE - NET_RAW - image: "dtagdevsec/fatt:2006" + image: "ghcr.io/telekom-security/fatt:2006" volumes: - /data/fatt/log:/opt/fatt/log @@ -82,7 +82,7 @@ services: container_name: p0f restart: always network_mode: "host" - image: "dtagdevsec/p0f:2006" + image: "ghcr.io/telekom-security/p0f:2006" read_only: true volumes: - /data/p0f/log:/var/log/p0f @@ -99,7 +99,7 @@ services: - NET_ADMIN - SYS_NICE - NET_RAW - image: "dtagdevsec/suricata:2006" + image: "ghcr.io/telekom-security/suricata:2006" volumes: - /data/suricata/log:/var/log/suricata @@ -116,7 +116,7 @@ services: - cyberchef_local ports: - "127.0.0.1:64299:8000" - image: "dtagdevsec/cyberchef:2006" + image: "ghcr.io/telekom-security/cyberchef:2006" read_only: true #### ELK 
@@ -140,7 +140,7 @@ services: mem_limit: 4g ports: - "127.0.0.1:64298:9200" - image: "dtagdevsec/elasticsearch:2006" + image: "ghcr.io/telekom-security/elasticsearch:2006" volumes: - /data:/data @@ -153,7 +153,7 @@ services: condition: service_healthy ports: - "127.0.0.1:64296:5601" - image: "dtagdevsec/kibana:2006" + image: "ghcr.io/telekom-security/kibana:2006" ## Logstash service logstash: @@ -166,7 +166,7 @@ services: condition: service_healthy env_file: - /opt/tpot/etc/compose/elk_environment - image: "dtagdevsec/logstash:2006" + image: "ghcr.io/telekom-security/logstash:2006" volumes: - /data:/data @@ -179,7 +179,7 @@ services: condition: service_healthy ports: - "127.0.0.1:64302:9100" - image: "dtagdevsec/head:2006" + image: "ghcr.io/telekom-security/head:2006" read_only: true # Ewsposter service @@ -199,7 +199,7 @@ services: - EWS_HPFEEDS_FORMAT=json env_file: - /opt/tpot/etc/compose/elk_environment - image: "dtagdevsec/ewsposter:2006" + image: "ghcr.io/telekom-security/ewsposter:2006" volumes: - /data:/data - /data/ews/conf/ews.ip:/opt/ewsposter/ews.ip @@ -227,7 +227,7 @@ services: ports: - "64297:64297" - "127.0.0.1:64304:64304" - image: "dtagdevsec/nginx:2006" + image: "ghcr.io/telekom-security/nginx:2006" read_only: true volumes: - /data/nginx/cert/:/etc/nginx/cert/:ro @@ -245,6 +245,6 @@ services: - spiderfoot_local ports: - "127.0.0.1:64303:8080" - image: "dtagdevsec/spiderfoot:2006" + image: "ghcr.io/telekom-security/spiderfoot:2006" volumes: - /data/spiderfoot/spiderfoot.db:/home/spiderfoot/spiderfoot.db diff --git a/etc/compose/industrial.yml b/etc/compose/industrial.yml index 07df0f4a..8578c551 100644 --- a/etc/compose/industrial.yml +++ b/etc/compose/industrial.yml @@ -48,7 +48,7 @@ services: - "21:21" - "44818:44818" - "47808:47808" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot 
@@ -70,7 +70,7 @@ services: ports: # - "161:161" - "2404:2404" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -91,7 +91,7 @@ services: - conpot_local_guardian_ast ports: - "10001:10001" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -112,7 +112,7 @@ services: - conpot_local_ipmi ports: - "623:623" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -134,7 +134,7 @@ services: ports: - "1025:1025" - "50100:50100" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -151,7 +151,7 @@ services: ports: - "22:22" - "23:23" - image: "dtagdevsec/cowrie:2006" + image: "ghcr.io/telekom-security/cowrie:2006" read_only: true volumes: - /data/cowrie/downloads:/home/cowrie/cowrie/dl @@ -170,7 +170,7 @@ services: - dicompot_local ports: - "11112:11112" - image: "dtagdevsec/dicompot:2006" + image: "ghcr.io/telekom-security/dicompot:2006" read_only: true volumes: - /data/dicompot/log:/var/log/dicompot @@ -199,7 +199,7 @@ services: # - "3389:3389" # - "5432:5432" - "5900:5900" - image: "dtagdevsec/heralding:2006" + image: "ghcr.io/telekom-security/heralding:2006" read_only: true volumes: - /data/heralding/log:/var/log/heralding @@ -212,7 +212,7 @@ services: - honeysap_local ports: - "3299:3299" - image: "dtagdevsec/honeysap:2006" + image: "ghcr.io/telekom-security/honeysap:2006" volumes: - /data/honeysap/log:/opt/honeysap/log @@ -225,7 +225,7 @@ services: network_mode: "host" cap_add: - NET_ADMIN - image: "dtagdevsec/honeytrap:2006" + image: "ghcr.io/telekom-security/honeytrap:2006" read_only: true volumes: - /data/honeytrap/attacks:/opt/honeytrap/var/attacks 
@@ -240,7 +240,7 @@ services: - medpot_local ports: - "2575:2575" - image: "dtagdevsec/medpot:2006" + image: "ghcr.io/telekom-security/medpot:2006" read_only: true volumes: - /data/medpot/log/:/var/log/medpot @@ -261,7 +261,7 @@ services: - rdpy_local ports: - "3389:3389" - image: "dtagdevsec/rdpy:2006" + image: "ghcr.io/telekom-security/rdpy:2006" read_only: true volumes: - /data/rdpy/log:/var/log/rdpy @@ -280,7 +280,7 @@ services: - NET_ADMIN - SYS_NICE - NET_RAW - image: "dtagdevsec/fatt:2006" + image: "ghcr.io/telekom-security/fatt:2006" volumes: - /data/fatt/log:/opt/fatt/log @@ -289,7 +289,7 @@ services: container_name: p0f restart: always network_mode: "host" - image: "dtagdevsec/p0f:2006" + image: "ghcr.io/telekom-security/p0f:2006" read_only: true volumes: - /data/p0f/log:/var/log/p0f @@ -306,7 +306,7 @@ services: - NET_ADMIN - SYS_NICE - NET_RAW - image: "dtagdevsec/suricata:2006" + image: "ghcr.io/telekom-security/suricata:2006" volumes: - /data/suricata/log:/var/log/suricata @@ -323,7 +323,7 @@ services: - cyberchef_local ports: - "127.0.0.1:64299:8000" - image: "dtagdevsec/cyberchef:2006" + image: "ghcr.io/telekom-security/cyberchef:2006" read_only: true #### ELK @@ -347,7 +347,7 @@ services: mem_limit: 4g ports: - "127.0.0.1:64298:9200" - image: "dtagdevsec/elasticsearch:2006" + image: "ghcr.io/telekom-security/elasticsearch:2006" volumes: - /data:/data @@ -360,7 +360,7 @@ services: condition: service_healthy ports: - "127.0.0.1:64296:5601" - image: "dtagdevsec/kibana:2006" + image: "ghcr.io/telekom-security/kibana:2006" ## Logstash service logstash: @@ -373,7 +373,7 @@ services: condition: service_healthy env_file: - /opt/tpot/etc/compose/elk_environment - image: "dtagdevsec/logstash:2006" + image: "ghcr.io/telekom-security/logstash:2006" volumes: - /data:/data 
@@ -386,7 +386,7 @@ services: condition: service_healthy ports: - "127.0.0.1:64302:9100" - image: "dtagdevsec/head:2006" + image: "ghcr.io/telekom-security/head:2006" read_only: true # Ewsposter service @@ -406,7 +406,7 @@ services: - EWS_HPFEEDS_FORMAT=json env_file: - /opt/tpot/etc/compose/elk_environment - image: "dtagdevsec/ewsposter:2006" + image: "ghcr.io/telekom-security/ewsposter:2006" volumes: - /data:/data - /data/ews/conf/ews.ip:/opt/ewsposter/ews.ip @@ -434,7 +434,7 @@ services: ports: - "64297:64297" - "127.0.0.1:64304:64304" - image: "dtagdevsec/nginx:2006" + image: "ghcr.io/telekom-security/nginx:2006" read_only: true volumes: - /data/nginx/cert/:/etc/nginx/cert/:ro @@ -452,6 +452,6 @@ services: - spiderfoot_local ports: - "127.0.0.1:64303:8080" - image: "dtagdevsec/spiderfoot:2006" + image: "ghcr.io/telekom-security/spiderfoot:2006" volumes: - /data/spiderfoot/spiderfoot.db:/home/spiderfoot/spiderfoot.db diff --git a/etc/compose/medical.yml b/etc/compose/medical.yml index 9fad7fbb..28f01195 100644 --- a/etc/compose/medical.yml +++ b/etc/compose/medical.yml @@ -26,7 +26,7 @@ services: - dicompot_local ports: - "11112:11112" - image: "dtagdevsec/dicompot:2006" + image: "ghcr.io/telekom-security/dicompot:2006" read_only: true volumes: - /data/dicompot/log:/var/log/dicompot @@ -40,7 +40,7 @@ services: - medpot_local ports: - "2575:2575" - image: "dtagdevsec/medpot:2006" + image: "ghcr.io/telekom-security/medpot:2006" read_only: true volumes: - /data/medpot/log/:/var/log/medpot @@ -58,7 +58,7 @@ services: - NET_ADMIN - SYS_NICE - NET_RAW - image: "dtagdevsec/fatt:2006" + image: "ghcr.io/telekom-security/fatt:2006" volumes: - /data/fatt/log:/opt/fatt/log @@ -67,7 +67,7 @@ services: container_name: p0f restart: always network_mode: "host" - image: "dtagdevsec/p0f:2006" + image: "ghcr.io/telekom-security/p0f:2006" read_only: true volumes: - /data/p0f/log:/var/log/p0f 
@@ -84,7 +84,7 @@ services: - NET_ADMIN - SYS_NICE - NET_RAW - image: "dtagdevsec/suricata:2006" + image: "ghcr.io/telekom-security/suricata:2006" volumes: - /data/suricata/log:/var/log/suricata @@ -101,7 +101,7 @@ services: - cyberchef_local ports: - "127.0.0.1:64299:8000" - image: "dtagdevsec/cyberchef:2006" + image: "ghcr.io/telekom-security/cyberchef:2006" read_only: true #### ELK @@ -125,7 +125,7 @@ services: mem_limit: 4g ports: - "127.0.0.1:64298:9200" - image: "dtagdevsec/elasticsearch:2006" + image: "ghcr.io/telekom-security/elasticsearch:2006" volumes: - /data:/data @@ -138,7 +138,7 @@ services: condition: service_healthy ports: - "127.0.0.1:64296:5601" - image: "dtagdevsec/kibana:2006" + image: "ghcr.io/telekom-security/kibana:2006" ## Logstash service logstash: @@ -151,7 +151,7 @@ services: condition: service_healthy env_file: - /opt/tpot/etc/compose/elk_environment - image: "dtagdevsec/logstash:2006" + image: "ghcr.io/telekom-security/logstash:2006" volumes: - /data:/data @@ -164,7 +164,7 @@ services: condition: service_healthy ports: - "127.0.0.1:64302:9100" - image: "dtagdevsec/head:2006" + image: "ghcr.io/telekom-security/head:2006" read_only: true # Ewsposter service @@ -184,7 +184,7 @@ services: - EWS_HPFEEDS_FORMAT=json env_file: - /opt/tpot/etc/compose/elk_environment - image: "dtagdevsec/ewsposter:2006" + image: "ghcr.io/telekom-security/ewsposter:2006" volumes: - /data:/data - /data/ews/conf/ews.ip:/opt/ewsposter/ews.ip @@ -212,7 +212,7 @@ services: ports: - "64297:64297" - "127.0.0.1:64304:64304" - image: "dtagdevsec/nginx:2006" + image: "ghcr.io/telekom-security/nginx:2006" read_only: true volumes: - /data/nginx/cert/:/etc/nginx/cert/:ro @@ -230,6 +230,6 @@ services: - spiderfoot_local ports: - "127.0.0.1:64303:8080" - image: "dtagdevsec/spiderfoot:2006" + image: "ghcr.io/telekom-security/spiderfoot:2006" volumes: - /data/spiderfoot/spiderfoot.db:/home/spiderfoot/spiderfoot.db 
diff --git a/etc/compose/nextgen.yml b/etc/compose/nextgen.yml index 80a7e7ae..c2829659 100644 --- a/etc/compose/nextgen.yml +++ b/etc/compose/nextgen.yml @@ -40,7 +40,7 @@ services: - adbhoney_local ports: - "5555:5555" - image: "dtagdevsec/adbhoney:2006" + image: "ghcr.io/telekom-security/adbhoney:2006" read_only: true volumes: - /data/adbhoney/log:/opt/adbhoney/log @@ -57,7 +57,7 @@ services: ports: - "5000:5000/udp" - "8443:8443" - image: "dtagdevsec/ciscoasa:2006" + image: "ghcr.io/telekom-security/ciscoasa:2006" read_only: true volumes: - /data/ciscoasa/log:/var/log/ciscoasa @@ -70,7 +70,7 @@ services: - citrixhoneypot_local ports: - "443:443" - image: "dtagdevsec/citrixhoneypot:2006" + image: "ghcr.io/telekom-security/citrixhoneypot:2006" read_only: true volumes: - /data/citrixhoneypot/logs:/opt/citrixhoneypot/logs @@ -92,7 +92,7 @@ services: ports: - "161:161" - "2404:2404" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -113,7 +113,7 @@ services: - conpot_local_guardian_ast ports: - "10001:10001" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -134,7 +134,7 @@ services: - conpot_local_ipmi ports: - "623:623" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -156,7 +156,7 @@ services: ports: - "1025:1025" - "50100:50100" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -173,7 +173,7 @@ services: ports: - "22:22" - "23:23" - image: "dtagdevsec/cowrie:2006" + image: "ghcr.io/telekom-security/cowrie:2006" read_only: true volumes: - /data/cowrie/downloads:/home/cowrie/cowrie/dl 
@@ -192,7 +192,7 @@ services: - dicompot_local ports: - "11112:11112" - image: "dtagdevsec/dicompot:2006" + image: "ghcr.io/telekom-security/dicompot:2006" read_only: true volumes: - /data/dicompot/log:/var/log/dicompot @@ -223,7 +223,7 @@ services: - "5060:5060/udp" - "5061:5061" - "27017:27017" - image: "dtagdevsec/dionaea:2006" + image: "ghcr.io/telekom-security/dionaea:2006" read_only: true volumes: - /data/dionaea/roots/ftp:/opt/dionaea/var/dionaea/roots/ftp @@ -243,7 +243,7 @@ services: - elasticpot_local ports: - "9200:9200" - image: "dtagdevsec/elasticpot:2006" + image: "ghcr.io/telekom-security/elasticpot:2006" read_only: true volumes: - /data/elasticpot/log:/opt/elasticpot/log @@ -258,7 +258,7 @@ services: network_mode: "host" cap_add: - NET_ADMIN - image: "dtagdevsec/glutton:2006" + image: "ghcr.io/telekom-security/glutton:2006" read_only: true volumes: - /data/glutton/log:/var/log/glutton @@ -288,7 +288,7 @@ services: - "1080:1080" - "5432:5432" - "5900:5900" - image: "dtagdevsec/heralding:2006" + image: "ghcr.io/telekom-security/heralding:2006" read_only: true volumes: - /data/heralding/log:/var/log/heralding @@ -307,7 +307,7 @@ services: - "2324:2324" - "4096:4096" # - "9200:9200" - image: "dtagdevsec/honeypy:2006" + image: "ghcr.io/telekom-security/honeypy:2006" read_only: true volumes: - /data/honeypy/log:/opt/honeypy/log @@ -320,7 +320,7 @@ services: - honeysap_local ports: - "3299:3299" - image: "dtagdevsec/honeysap:2006" + image: "ghcr.io/telekom-security/honeysap:2006" volumes: - /data/honeysap/log:/opt/honeysap/log @@ -332,7 +332,7 @@ services: - ipphoney_local ports: - "631:631" - image: "dtagdevsec/ipphoney:2006" + image: "ghcr.io/telekom-security/ipphoney:2006" read_only: true volumes: - /data/ipphoney/log:/opt/ipphoney/log @@ -351,7 +351,7 @@ services: - mailoney_local ports: - "25:25" - image: "dtagdevsec/mailoney:2006" + image: "ghcr.io/telekom-security/mailoney:2006" read_only: true volumes: - /data/mailoney/log:/opt/mailoney/logs 
@@ -364,7 +364,7 @@ services: - medpot_local ports: - "2575:2575" - image: "dtagdevsec/medpot:2006" + image: "ghcr.io/telekom-security/medpot:2006" read_only: true volumes: - /data/medpot/log/:/var/log/medpot @@ -385,7 +385,7 @@ services: - rdpy_local ports: - "3389:3389" - image: "dtagdevsec/rdpy:2006" + image: "ghcr.io/telekom-security/rdpy:2006" read_only: true volumes: - /data/rdpy/log:/var/log/rdpy @@ -398,7 +398,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/redis:2006" + image: "ghcr.io/telekom-security/redis:2006" read_only: true ## PHP Sandbox service @@ -408,7 +408,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/phpox:2006" + image: "ghcr.io/telekom-security/phpox:2006" read_only: true ## Tanner API Service @@ -420,7 +420,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/tanner:2006" + image: "ghcr.io/telekom-security/tanner:2006" read_only: true volumes: - /data/tanner/log:/var/log/tanner @@ -437,7 +437,7 @@ services: # tty: true # networks: # - tanner_local -# image: "dtagdevsec/tanner:2006" +# image: "ghcr.io/telekom-security/tanner:2006" # command: tannerweb # read_only: true # volumes: @@ -454,7 +454,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/tanner:2006" + image: "ghcr.io/telekom-security/tanner:2006" command: tanner read_only: true volumes: @@ -474,7 +474,7 @@ services: - tanner_local ports: - "80:80" - image: "dtagdevsec/snare:2006" + image: "ghcr.io/telekom-security/snare:2006" depends_on: - tanner @@ -492,7 +492,7 @@ services: - NET_ADMIN - SYS_NICE - NET_RAW - image: "dtagdevsec/fatt:2006" + image: "ghcr.io/telekom-security/fatt:2006" volumes: - /data/fatt/log:/opt/fatt/log @@ -501,7 +501,7 @@ services: container_name: p0f restart: always network_mode: "host" - image: "dtagdevsec/p0f:2006" + image: "ghcr.io/telekom-security/p0f:2006" read_only: true volumes: - /data/p0f/log:/var/log/p0f 
@@ -518,7 +518,7 @@ services: - NET_ADMIN - SYS_NICE - NET_RAW - image: "dtagdevsec/suricata:2006" + image: "ghcr.io/telekom-security/suricata:2006" volumes: - /data/suricata/log:/var/log/suricata @@ -535,7 +535,7 @@ services: - cyberchef_local ports: - "127.0.0.1:64299:8000" - image: "dtagdevsec/cyberchef:2006" + image: "ghcr.io/telekom-security/cyberchef:2006" read_only: true #### ELK @@ -559,7 +559,7 @@ services: mem_limit: 4g ports: - "127.0.0.1:64298:9200" - image: "dtagdevsec/elasticsearch:2006" + image: "ghcr.io/telekom-security/elasticsearch:2006" volumes: - /data:/data @@ -572,7 +572,7 @@ services: condition: service_healthy ports: - "127.0.0.1:64296:5601" - image: "dtagdevsec/kibana:2006" + image: "ghcr.io/telekom-security/kibana:2006" ## Logstash service logstash: @@ -585,7 +585,7 @@ services: condition: service_healthy env_file: - /opt/tpot/etc/compose/elk_environment - image: "dtagdevsec/logstash:2006" + image: "ghcr.io/telekom-security/logstash:2006" volumes: - /data:/data @@ -598,7 +598,7 @@ services: condition: service_healthy ports: - "127.0.0.1:64302:9100" - image: "dtagdevsec/head:2006" + image: "ghcr.io/telekom-security/head:2006" read_only: true # Ewsposter service @@ -618,7 +618,7 @@ services: - EWS_HPFEEDS_FORMAT=json env_file: - /opt/tpot/etc/compose/elk_environment - image: "dtagdevsec/ewsposter:2006" + image: "ghcr.io/telekom-security/ewsposter:2006" volumes: - /data:/data - /data/ews/conf/ews.ip:/opt/ewsposter/ews.ip @@ -646,7 +646,7 @@ services: ports: - "64297:64297" - "127.0.0.1:64304:64304" - image: "dtagdevsec/nginx:2006" + image: "ghcr.io/telekom-security/nginx:2006" read_only: true volumes: - /data/nginx/cert/:/etc/nginx/cert/:ro @@ -664,6 +664,6 @@ services: - spiderfoot_local ports: - "127.0.0.1:64303:8080" - image: "dtagdevsec/spiderfoot:2006" + image: "ghcr.io/telekom-security/spiderfoot:2006" volumes: - /data/spiderfoot/spiderfoot.db:/home/spiderfoot/spiderfoot.db 
diff --git a/etc/compose/sensor.yml b/etc/compose/sensor.yml index 31fb5c8b..be7313e4 100644 --- a/etc/compose/sensor.yml +++ b/etc/compose/sensor.yml @@ -37,7 +37,7 @@ services: - adbhoney_local ports: - "5555:5555" - image: "dtagdevsec/adbhoney:2006" + image: "ghcr.io/telekom-security/adbhoney:2006" read_only: true volumes: - /data/adbhoney/log:/opt/adbhoney/log @@ -54,7 +54,7 @@ services: ports: - "5000:5000/udp" - "8443:8443" - image: "dtagdevsec/ciscoasa:2006" + image: "ghcr.io/telekom-security/ciscoasa:2006" read_only: true volumes: - /data/ciscoasa/log:/var/log/ciscoasa @@ -67,7 +67,7 @@ services: - citrixhoneypot_local ports: - "443:443" - image: "dtagdevsec/citrixhoneypot:2006" + image: "ghcr.io/telekom-security/citrixhoneypot:2006" read_only: true volumes: - /data/citrixhoneypot/logs:/opt/citrixhoneypot/logs @@ -89,7 +89,7 @@ services: ports: - "161:161" - "2404:2404" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -110,7 +110,7 @@ services: - conpot_local_guardian_ast ports: - "10001:10001" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -131,7 +131,7 @@ services: - conpot_local_ipmi ports: - "623:623" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -153,7 +153,7 @@ services: ports: - "1025:1025" - "50100:50100" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -170,7 +170,7 @@ services: ports: - "22:22" - "23:23" - image: "dtagdevsec/cowrie:2006" + image: "ghcr.io/telekom-security/cowrie:2006" read_only: true volumes: - /data/cowrie/downloads:/home/cowrie/cowrie/dl 
@@ -189,7 +189,7 @@ services: - dicompot_local ports: - "11112:11112" - image: "dtagdevsec/dicompot:2006" + image: "ghcr.io/telekom-security/dicompot:2006" read_only: true volumes: - /data/dicompot/log:/var/log/dicompot @@ -220,7 +220,7 @@ services: - "5060:5060/udp" - "5061:5061" - "27017:27017" - image: "dtagdevsec/dionaea:2006" + image: "ghcr.io/telekom-security/dionaea:2006" read_only: true volumes: - /data/dionaea/roots/ftp:/opt/dionaea/var/dionaea/roots/ftp @@ -240,7 +240,7 @@ services: - elasticpot_local ports: - "9200:9200" - image: "dtagdevsec/elasticpot:2006" + image: "ghcr.io/telekom-security/elasticpot:2006" read_only: true volumes: - /data/elasticpot/log:/opt/elasticpot/log @@ -269,7 +269,7 @@ services: - "1080:1080" - "5432:5432" - "5900:5900" - image: "dtagdevsec/heralding:2006" + image: "ghcr.io/telekom-security/heralding:2006" read_only: true volumes: - /data/heralding/log:/var/log/heralding @@ -288,7 +288,7 @@ services: - "2324:2324" - "4096:4096" # - "9200:9200" - image: "dtagdevsec/honeypy:2006" + image: "ghcr.io/telekom-security/honeypy:2006" read_only: true volumes: - /data/honeypy/log:/opt/honeypy/log @@ -301,7 +301,7 @@ services: - honeysap_local ports: - "3299:3299" - image: "dtagdevsec/honeysap:2006" + image: "ghcr.io/telekom-security/honeysap:2006" volumes: - /data/honeysap/log:/opt/honeysap/log @@ -314,7 +314,7 @@ services: network_mode: "host" cap_add: - NET_ADMIN - image: "dtagdevsec/honeytrap:2006" + image: "ghcr.io/telekom-security/honeytrap:2006" read_only: true volumes: - /data/honeytrap/attacks:/opt/honeytrap/var/attacks @@ -335,7 +335,7 @@ services: - mailoney_local ports: - "25:25" - image: "dtagdevsec/mailoney:2006" + image: "ghcr.io/telekom-security/mailoney:2006" read_only: true volumes: - /data/mailoney/log:/opt/mailoney/logs 
@@ -348,7 +348,7 @@ services: - medpot_local ports: - "2575:2575" - image: "dtagdevsec/medpot:2006" + image: "ghcr.io/telekom-security/medpot:2006" read_only: true volumes: - /data/medpot/log/:/var/log/medpot @@ -369,7 +369,7 @@ services: - rdpy_local ports: - "3389:3389" - image: "dtagdevsec/rdpy:2006" + image: "ghcr.io/telekom-security/rdpy:2006" read_only: true volumes: - /data/rdpy/log:/var/log/rdpy @@ -382,7 +382,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/redis:2006" + image: "ghcr.io/telekom-security/redis:2006" read_only: true ## PHP Sandbox service @@ -392,7 +392,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/phpox:2006" + image: "ghcr.io/telekom-security/phpox:2006" read_only: true ## Tanner API Service @@ -404,7 +404,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/tanner:2006" + image: "ghcr.io/telekom-security/tanner:2006" read_only: true volumes: - /data/tanner/log:/var/log/tanner @@ -421,7 +421,7 @@ services: # tty: true # networks: # - tanner_local -# image: "dtagdevsec/tanner:2006" +# image: "ghcr.io/telekom-security/tanner:2006" # command: tannerweb # read_only: true # volumes: @@ -438,7 +438,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/tanner:2006" + image: "ghcr.io/telekom-security/tanner:2006" command: tanner read_only: true volumes: @@ -458,7 +458,7 @@ services: - tanner_local ports: - "80:80" - image: "dtagdevsec/snare:2006" + image: "ghcr.io/telekom-security/snare:2006" depends_on: - tanner @@ -476,7 +476,7 @@ services: - NET_ADMIN - SYS_NICE - NET_RAW - image: "dtagdevsec/fatt:2006" + image: "ghcr.io/telekom-security/fatt:2006" volumes: - /data/fatt/log:/opt/fatt/log @@ -485,7 +485,7 @@ services: container_name: p0f restart: always network_mode: "host" - image: "dtagdevsec/p0f:2006" + image: "ghcr.io/telekom-security/p0f:2006" read_only: true volumes: - /data/p0f/log:/var/log/p0f 
@@ -502,7 +502,7 @@ services: - NET_ADMIN - SYS_NICE - NET_RAW - image: "dtagdevsec/suricata:2006" + image: "ghcr.io/telekom-security/suricata:2006" volumes: - /data/suricata/log:/var/log/suricata @@ -528,7 +528,7 @@ services: - EWS_HPFEEDS_FORMAT=json env_file: - /opt/tpot/etc/compose/elk_environment - image: "dtagdevsec/ewsposter:2006" + image: "ghcr.io/telekom-security/ewsposter:2006" volumes: - /data:/data - /data/ews/conf/ews.ip:/opt/ewsposter/ews.ip diff --git a/etc/compose/standard.yml b/etc/compose/standard.yml index 2543da4d..ce53972d 100644 --- a/etc/compose/standard.yml +++ b/etc/compose/standard.yml @@ -37,7 +37,7 @@ services: - adbhoney_local ports: - "5555:5555" - image: "dtagdevsec/adbhoney:2006" + image: "ghcr.io/telekom-security/adbhoney:2006" read_only: true volumes: - /data/adbhoney/log:/opt/adbhoney/log @@ -53,7 +53,7 @@ services: ports: - "5000:5000/udp" - "8443:8443" - image: "dtagdevsec/ciscoasa:2006" + image: "ghcr.io/telekom-security/ciscoasa:2006" read_only: true volumes: - /data/ciscoasa/log:/var/log/ciscoasa @@ -66,7 +66,7 @@ services: - citrixhoneypot_local ports: - "443:443" - image: "dtagdevsec/citrixhoneypot:2006" + image: "ghcr.io/telekom-security/citrixhoneypot:2006" read_only: true volumes: - /data/citrixhoneypot/logs:/opt/citrixhoneypot/logs @@ -88,7 +88,7 @@ services: ports: - "161:161" - "2404:2404" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -109,7 +109,7 @@ services: - conpot_local_guardian_ast ports: - "10001:10001" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -130,7 +130,7 @@ services: - conpot_local_ipmi ports: - "623:623" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot 
@@ -152,7 +152,7 @@ services: ports: - "1025:1025" - "50100:50100" - image: "dtagdevsec/conpot:2006" + image: "ghcr.io/telekom-security/conpot:2006" read_only: true volumes: - /data/conpot/log:/var/log/conpot @@ -169,7 +169,7 @@ services: ports: - "22:22" - "23:23" - image: "dtagdevsec/cowrie:2006" + image: "ghcr.io/telekom-security/cowrie:2006" read_only: true volumes: - /data/cowrie/downloads:/home/cowrie/cowrie/dl @@ -188,7 +188,7 @@ services: - dicompot_local ports: - "11112:11112" - image: "dtagdevsec/dicompot:2006" + image: "ghcr.io/telekom-security/dicompot:2006" read_only: true volumes: - /data/dicompot/log:/var/log/dicompot @@ -219,7 +219,7 @@ services: - "5060:5060/udp" - "5061:5061" - "27017:27017" - image: "dtagdevsec/dionaea:2006" + image: "ghcr.io/telekom-security/dionaea:2006" read_only: true volumes: - /data/dionaea/roots/ftp:/opt/dionaea/var/dionaea/roots/ftp @@ -239,7 +239,7 @@ services: - elasticpot_local ports: - "9200:9200" - image: "dtagdevsec/elasticpot:2006" + image: "ghcr.io/telekom-security/elasticpot:2006" read_only: true volumes: - /data/elasticpot/log:/opt/elasticpot/log @@ -268,7 +268,7 @@ services: - "1080:1080" - "5432:5432" - "5900:5900" - image: "dtagdevsec/heralding:2006" + image: "ghcr.io/telekom-security/heralding:2006" read_only: true volumes: - /data/heralding/log:/var/log/heralding @@ -281,7 +281,7 @@ services: - honeysap_local ports: - "3299:3299" - image: "dtagdevsec/honeysap:2006" + image: "ghcr.io/telekom-security/honeysap:2006" volumes: - /data/honeysap/log:/opt/honeysap/log @@ -294,7 +294,7 @@ services: network_mode: "host" cap_add: - NET_ADMIN - image: "dtagdevsec/honeytrap:2006" + image: "ghcr.io/telekom-security/honeytrap:2006" read_only: true volumes: - /data/honeytrap/attacks:/opt/honeytrap/var/attacks @@ -315,7 +315,7 @@ services: - mailoney_local ports: - "25:25" - image: "dtagdevsec/mailoney:2006" + image: "ghcr.io/telekom-security/mailoney:2006" read_only: true volumes: - /data/mailoney/log:/opt/mailoney/logs 
@@ -328,7 +328,7 @@ services: - medpot_local ports: - "2575:2575" - image: "dtagdevsec/medpot:2006" + image: "ghcr.io/telekom-security/medpot:2006" read_only: true volumes: - /data/medpot/log/:/var/log/medpot @@ -349,7 +349,7 @@ services: - rdpy_local ports: - "3389:3389" - image: "dtagdevsec/rdpy:2006" + image: "ghcr.io/telekom-security/rdpy:2006" read_only: true volumes: - /data/rdpy/log:/var/log/rdpy @@ -362,7 +362,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/redis:2006" + image: "ghcr.io/telekom-security/redis:2006" read_only: true ## PHP Sandbox service @@ -372,7 +372,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/phpox:2006" + image: "ghcr.io/telekom-security/phpox:2006" read_only: true ## Tanner API Service @@ -384,7 +384,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/tanner:2006" + image: "ghcr.io/telekom-security/tanner:2006" read_only: true volumes: - /data/tanner/log:/var/log/tanner @@ -401,7 +401,7 @@ services: # tty: true # networks: # - tanner_local -# image: "dtagdevsec/tanner:2006" +# image: "ghcr.io/telekom-security/tanner:2006" # command: tannerweb # read_only: true # volumes: @@ -418,7 +418,7 @@ services: tty: true networks: - tanner_local - image: "dtagdevsec/tanner:2006" + image: "ghcr.io/telekom-security/tanner:2006" command: tanner read_only: true volumes: @@ -438,7 +438,7 @@ services: - tanner_local ports: - "80:80" - image: "dtagdevsec/snare:2006" + image: "ghcr.io/telekom-security/snare:2006" depends_on: - tanner @@ -456,7 +456,7 @@ services: - NET_ADMIN - SYS_NICE - NET_RAW - image: "dtagdevsec/fatt:2006" + image: "ghcr.io/telekom-security/fatt:2006" volumes: - /data/fatt/log:/opt/fatt/log @@ -465,7 +465,7 @@ services: container_name: p0f restart: always network_mode: "host" - image: "dtagdevsec/p0f:2006" + image: "ghcr.io/telekom-security/p0f:2006" read_only: true volumes: - /data/p0f/log:/var/log/p0f 
@@ -482,7 +482,7 @@ services: - NET_ADMIN - SYS_NICE - NET_RAW - image: "dtagdevsec/suricata:2006" + image: "ghcr.io/telekom-security/suricata:2006" volumes: - /data/suricata/log:/var/log/suricata @@ -499,7 +499,7 @@ services: - cyberchef_local ports: - "127.0.0.1:64299:8000" - image: "dtagdevsec/cyberchef:2006" + image: "ghcr.io/telekom-security/cyberchef:2006" read_only: true #### ELK @@ -523,7 +523,7 @@ services: mem_limit: 4g ports: - "127.0.0.1:64298:9200" - image: "dtagdevsec/elasticsearch:2006" + image: "ghcr.io/telekom-security/elasticsearch:2006" volumes: - /data:/data @@ -536,7 +536,7 @@ services: condition: service_healthy ports: - "127.0.0.1:64296:5601" - image: "dtagdevsec/kibana:2006" + image: "ghcr.io/telekom-security/kibana:2006" ## Logstash service logstash: @@ -549,7 +549,7 @@ services: condition: service_healthy env_file: - /opt/tpot/etc/compose/elk_environment - image: "dtagdevsec/logstash:2006" + image: "ghcr.io/telekom-security/logstash:2006" volumes: - /data:/data @@ -562,7 +562,7 @@ services: condition: service_healthy ports: - "127.0.0.1:64302:9100" - image: "dtagdevsec/head:2006" + image: "ghcr.io/telekom-security/head:2006" read_only: true # Ewsposter service @@ -582,7 +582,7 @@ services: - EWS_HPFEEDS_FORMAT=json env_file: - /opt/tpot/etc/compose/elk_environment - image: "dtagdevsec/ewsposter:2006" + image: "ghcr.io/telekom-security/ewsposter:2006" volumes: - /data:/data - /data/ews/conf/ews.ip:/opt/ewsposter/ews.ip @@ -610,7 +610,7 @@ services: ports: - "64297:64297" - "127.0.0.1:64304:64304" - image: "dtagdevsec/nginx:2006" + image: "ghcr.io/telekom-security/nginx:2006" read_only: true volumes: - /data/nginx/cert/:/etc/nginx/cert/:ro @@ -628,6 +628,6 @@ services: - spiderfoot_local ports: - "127.0.0.1:64303:8080" - image: "dtagdevsec/spiderfoot:2006" + image: "ghcr.io/telekom-security/spiderfoot:2006" volumes: - /data/spiderfoot/spiderfoot.db:/home/spiderfoot/spiderfoot.db 
diff --git a/iso/installer/install.sh b/iso/installer/install.sh index fc43b8f5..a1b91c32 100755 --- a/iso/installer/install.sh +++ b/iso/installer/install.sh @@ -16,7 +16,7 @@ fi myBACKTITLE="T-Pot-Installer" myCONF_FILE="/root/installer/iso.conf" myPROGRESSBOXCONF=" --backtitle "$myBACKTITLE" --progressbox 24 80" -mySITES="https://hub.docker.com https://github.com https://pypi.python.org https://debian.org" +mySITES="https://ghcr.io https://github.com https://pypi.python.org https://debian.org" myTPOTCOMPOSE="/opt/tpot/etc/tpot.yml" myLSB_STABLE_SUPPORTED="stretch buster" myLSB_TESTING_SUPPORTED="stable" @@ -704,7 +704,7 @@ hash -r if ! [ "$myTPOT_DEPLOYMENT_TYPE" == "iso" ]; then fuBANNER "Cloning T-Pot" - git clone https://github.com/dtag-dev-sec/tpotce /opt/tpot + git clone https://github.com/telekom-security/tpotce /opt/tpot fi # Let's create the T-Pot user diff --git a/iso/isolinux/txt.cfg b/iso/isolinux/txt.cfg index 51df26c2..dd4bb949 100755 --- a/iso/isolinux/txt.cfg +++ b/iso/isolinux/txt.cfg @@ -1,6 +1,6 @@ default install label install - menu label ^T-Pot 20.06.0 (based on Debian Stable) + menu label ^T-Pot 20.06.1 (based on Debian Stable) menu default kernel linux append vga=788 initrd=initrd.gz console-setup/ask_detect=true -- diff --git a/iso/preseed/tpot.seed b/iso/preseed/tpot.seed index 11f8b1a8..4a8262d1 100755 --- a/iso/preseed/tpot.seed +++ b/iso/preseed/tpot.seed @@ -131,7 +131,7 @@ in-target apt-get -y install grub-pc; \ in-target grub-install --force $(debconf-get partman-auto/disk); \ update-dev; \ in-target update-grub; \ -in-target git clone --depth=1 https://github.com/dtag-dev-sec/tpotce /opt/tpot; \ +in-target git clone --depth=1 https://github.com/telekom-security/tpotce /opt/tpot; \ in-target sed -i 's/allow-hotplug/auto/g' /etc/network/interfaces; \ #in-target apt-get -y remove exim4-base; \ #in-target apt-get -y autoremove; \ diff --git a/update.sh b/update.sh index f2032674..453af2ea 100755 --- a/update.sh +++ b/update.sh 
@@ -266,7 +266,7 @@ echo "### If you made changes to tpot.yml please ensure to add them again." echo "### We stored the previous version as backup in /root/." echo "### Some updates may need an import of the latest Kibana objects as well." echo "### Download the latest objects here if they recently changed:" -echo "### https://raw.githubusercontent.com/dtag-dev-sec/tpotce/master/etc/objects/kibana_export.json.zip" +echo "### https://raw.githubusercontent.com/telekom-security/tpotce/master/etc/objects/kibana_export.ndjson.zip" echo "### Export and import the objects easily through the Kibana WebUI:" echo "### Go to Kibana > Management > Saved Objects > Export / Import" echo "### Or use the command:" diff --git a/version b/version index a30c04d4..8ce48caa 100644 --- a/version +++ b/version @@ -1 +1 @@ -20.06.0 +20.06.1
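Review bot: Across the etc/compose hunks (industrial.yml, medical.yml, nextgen.yml, sensor.yml, standard.yml) every new reference, for example `image: "ghcr.io/telekom-security/conpot:2006"`, still identifies the image only by the mutable tag `2006`, so the move to a different registry changes where the content comes from while the files give a host nothing to verify what it pulled. Consider pinning by digest (`ghcr.io/telekom-security/conpot:2006@sha256:<digest>`, with `<digest>` a placeholder for the published value), or at least publishing the digests alongside the release. The tag also stays `2006` while the `version` hunk moves 20.06.0 to 20.06.1, so the tag cannot distinguish images built for the two releases. Separately, the registry prefix is repeated on each `image:` line in each file; a single Compose variable for the prefix would turn the next move into a one-line change.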
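Review bot: In iso/installer/install.sh (hunk at -16,7) `mySITES` replaces https://hub.docker.com with https://ghcr.io rather than adding to it, so if this list drives the installer's connectivity check, Docker Hub is no longer covered by it. Worth confirming that nothing pulled during installation still resolves to Docker Hub (an image reference without the `ghcr.io/` prefix, for instance); if that cannot be ruled out, keep both sites in the list.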
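Review bot: The clone in iso/installer/install.sh (hunk at -704,7), `git clone https://github.com/telekom-security/tpotce /opt/tpot`, and the `git clone --depth=1` line in iso/preseed/tpot.seed both fetch the default branch with no tag or commit, so an ISO whose boot menu now reads "T-Pot 20.06.1" installs whatever the repository head happens to be at install time. Since the URL is being touched anyway, consider adding `--branch <release-tag>` (placeholder for the tag that matches the `version` file) to both lines so the installed tree matches the labelled release.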
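Review bot: The changed `echo` line in update.sh alters two things at once: the organisation in the URL (dtag-dev-sec to telekom-security) and the file name (`kibana_export.json.zip` to `kibana_export.ndjson.zip`). The file-name change is not part of the repository rename and is easy to miss in a patch that is otherwise a mechanical substitution. Please confirm the object exists under the new name at that path and mention the change in the commit message, since users copy this URL straight from the update output.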