Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-04-29 03:38:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

prepare for new ewsposter

Browse source
This commit is contained in:
Marco Ochse 2017-03-12 23:31:34 +00:00
parent fb02d41e57
commit c5de828d7e
7 changed files with 19 additions and 84 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

83
installer/data/ews/conf/ews.cfg
View file

@ -1,83 +0,0 @@
[MAIN]
homedir = /opt/ewsposter/
spooldir = /opt/ewsposter/spool/
logdir = /opt/ewsposter/log/
del_malware_after_send = false
send_malware = true
sendlimit = 400
contact = your_email_address
proxy =
ip =
[EWS]
ews = true
username = community-01-user
token = foth{a5maiCee8fineu7
rhost_first = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMessage
rhost_second = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMessage
ignorecert = false
[HPFEED]
hpfeed = false
host = 0.0.0.0
port = 0
channels = 0
ident = 0
secret= 0
[EWSJSON]
json = false
jsondir = /data/ews/
[GLASTOPFV3]
glastopfv3 = true
nodeid = glastopfv3-community-01
sqlitedb = /data/glastopf/db/glastopf.db
malwaredir = /data/glastopf/data/files/
[GLASTOPFV2]
glastopfv2 = false
nodeid =
mysqlhost =
mysqldb =
mysqluser =
mysqlpw =
malwaredir =
[KIPPO]
kippo = true
nodeid = kippo-community-01
mysqlhost = localhost
mysqldb = cowrie
mysqluser = cowrie
mysqlpw = s0m3Secr3T!
malwaredir = /data/cowrie/downloads/
[DIONAEA]
dionaea = true
nodeid = dionaea-community-01
malwaredir = /data/dionaea/binaries/
sqlitedb = /data/dionaea/log/dionaea.sqlite
[HONEYTRAP]
honeytrap = true
nodeid = honeytrap-community-01
newversion = true
payloaddir = /data/honeytrap/attacks/
attackerfile = /data/honeytrap/log/attacker.log
[RDPDETECT]
rdpdetect = false
nodeid =
iptableslog =
targetip =
[EMOBILITY]
eMobility = true
nodeid = emobility-community-01
logfile = /data/eMobility/log/centralsystemEWS.log
[CONPOT]
conpot = true
nodeid = conpot-community-01
logfile = /data/conpot/log/conpot.json

1
installer/data/imgcfg/all_images.conf
View file

@ -4,6 +4,7 @@ dionaea
elasticpot elasticpot
elk elk
emobility emobility
ewsposter
glastopf glastopf
honeytrap honeytrap
suricata suricata

1
installer/data/imgcfg/hp_images.conf
View file

@ -1,5 +1,6 @@
cowrie cowrie
dionaea dionaea
elasticpot elasticpot
ewsposter
glastopf glastopf
honeytrap honeytrap

1
installer/data/imgcfg/industrial_images.conf
View file

@ -1,6 +1,7 @@
conpot conpot
elk elk
emobility emobility
ewsposter
suricata suricata
netdata netdata
ui-for-docker ui-for-docker

1
installer/data/imgcfg/tpot_images.conf
View file

@ -2,6 +2,7 @@ cowrie
dionaea dionaea
elasticpot elasticpot
elk elk
ewsposter
glastopf glastopf
honeytrap honeytrap
suricata suricata

14
installer/data/systemd/ewsposter.service Normal file
View file

@ -0,0 +1,14 @@
[Unit]
Description=ewsposter
Requires=docker.service
After=docker.service
[Service]
Restart=always
ExecStartPre=-/usr/bin/docker stop ewsposter
ExecStartPre=-/usr/bin/docker rm -v ewsposter
ExecStart=/usr/bin/docker run --name ewsposter --rm=true -v /data:/data -v /data/ews/conf/ews.ip:/opt/ewsposter/ews.ip dtagdevsec/ewsposter:latest1610
ExecStop=/usr/bin/docker stop ewsposter
[Install]
WantedBy=multi-user.target

2
installer/install.sh
View file

@ -416,7 +416,7 @@ mkdir -p /data/conpot/log \
/data/elk/data /data/elk/log /data/elk/logstash/conf \ /data/elk/data /data/elk/log /data/elk/logstash/conf \
/data/glastopf /data/honeytrap/log/ /data/honeytrap/attacks/ /data/honeytrap/downloads/ \ /data/glastopf /data/honeytrap/log/ /data/honeytrap/attacks/ /data/honeytrap/downloads/ \
/data/emobility/log \ /data/emobility/log \
/data/ews/log /data/ews/conf /data/ews/dionaea /data/ews/emobility \ /data/ews/conf \
/data/suricata/log /home/tsec/.ssh/ /data/suricata/log /home/tsec/.ssh/
# Let's take care of some files and permissions before copying # Let's take care of some files and permissions before copying