Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-10-14 04:19:14 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Fix misprint in DockerFiles / Potential Fix Pull #187

Browse source
This commit is contained in:
UncleRaymondo 2018-03-10 18:14:06 +11:00
parent a65f34b102
commit d18cad95dd
17 changed files with 7 additions and 876 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

54
docker/conpot_IEC104/Dockerfile
View file

@ -1,54 +0,0 @@
FROM alpine
MAINTAINER MO
# Include dist
ADD dist/ /root/dist/
# Setup apt
RUN apk -U add bash \
build-base \
file \
git \
libev \
libtool \
libxslt \
libxslt-dev \
mariadb-dev \
mariadb-client-libs \
pkgconfig \
python \
python-dev \
py-cffi && \
# Setup ConPot
git clone https://github.com/mushorg/conpot /opt/conpot_IEC104/ && \
cd /opt/conpot_IEC104/ && \
git checkout d97a68a054e4fe42ff90293188a5702ce8ab09a3 && \
cp /root/dist/requirements.txt /opt/conpot_IEC104/ && \
python setup.py install && \
cd / && \
rm -rf /opt/conpot_IEC104 /tmp/* /var/tmp/* && \
# Setup user, groups and configs
addgroup -g 2000 conpot_IEC104 && \
adduser -S -s /bin/bash -u 2000 -D -g 2000 conpot_IEC104 && \
mkdir -p /etc/conpot_IEC104 /var/log/conpot_IEC104 && \
mv /root/dist/conpot.cfg /etc/conpot_IEC104/conpot_IEC104.cfg && \
mv /root/dist/IEC104/template.xml /usr/lib/python2.7/site-packages/Conpot-0.5.1-py2.7.egg/conpot_IEC104/templates/IEC104/ && \
# Clean up
apk del build-base \
file \
git \
libev \
libtool \
libxslt-dev \
mariadb-dev \
pkgconfig \
python-dev \
py-cffi && \
rm -rf /root/* && \
rm -rf /var/cache/apk/*
# Run supervisor upon container start
CMD ["/usr/bin/conpot", "--template", "IEC104", "--logfile", "/var/log/conpot_IEC104/conpot_IEC104.log", "--config", "/etc/conpot_IEC104/conpot_IEC104.cfg"]

15
docker/conpot_IEC104/README.md
View file

@ -1,15 +0,0 @@
[![](https://images.microbadger.com/badges/version/dtagdevsec/conpot:1710.svg)](https://microbadger.com/images/dtagdevsec/conpot:1710 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/dtagdevsec/conpot:1710.svg)](https://microbadger.com/images/dtagdevsec/conpot:1710 "Get your own image badge on microbadger.com")
# conpot
[ConPot](http://conpot.org/) is a low interactive server side Industrial Control Systems honeypot designed to be easy to deploy, modify and extend. By providing a range of common industrial control protocols we created the basics to build your own system, capable to emulate complex infrastructures to convince an adversary that he just found a huge industrial complex. To improve the deceptive capabilities, we also provided the possibility to server a custom human machine interface to increase the honeypots attack surface. The response times of the services can be artificially delayed to mimic the behavior of a system under constant load. Because we are providing complete stacks of the protocols, Conpot can be accessed with productive HMI's or extended with real hardware. Conpot is developed under the umbrella of the [Honeynet Project](https://www.honeynet.org/) and on the shoulders of a couple of very big giants.
This dockerized version is part of the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** of Deutsche Telekom AG.
The `Dockerfile` contains the blueprint for the dockerized conpot and will be used to setup the docker image.
The `docker-compose.yml` contains the necessary settings to test conpot using `docker-compose`. This will ensure to start the docker container with the appropriate permissions and port mappings.
# ConPot Dashboard
![ConPot Dashboard](https://raw.githubusercontent.com/dtag-dev-sec/tpotce/master/docker/conpot/doc/dashboard.png)

675
docker/conpot_IEC104/dist/IEC104/template.xml vendored
View file

@ -1,675 +0,0 @@
<!-- Copyright (C) 2017 Patrick Reichenberger (University of Passau) <patrick.reichenberger@t-online.de>
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-->
<core>
<template>
<!-- General information about the template -->
<entity name="unit">S7-300</entity>
<entity name="vendor">Siemens</entity>
<entity name="description">Creates a simple device for IEC 60870-5-104</entity>
<entity name="protocols">IEC104</entity>
<entity name="creator">Patrick Reichenberger</entity>
</template>
<databus>
<!-- Core value that can be retrieved from the databus by key -->
<key_value_mappings>
<!-- SNMPv2-MIB -->
<key name="SystemDescription">
<value type="value">"Siemens, SIMATIC, S7-300"</value>
</key>
<key name="sysObjectID">
<value type="value">"0.0"</value>
</key>
<key name="Uptime">
<value type="function">conpot.emulators.misc.uptime.Uptime</value>
</key>
<key name="sysContact">
<value type="value">""</value>
</key>
<key name="sysName">
<value type="value">""</value>
</key>
<key name="sysLocation">
<value type="value">""</value>
</key>
<key name="sysServices">
<value type="value">"72"</value>
</key>
<!-- IF-MIB -->
<key name="ifNumber">
<value type="value">1</value>
</key>
<key name="ifIndex">
<value type="value">1</value>
</key>
<key name="ifDescr">
<value type="value">"Siemens, SIMATIC NET, CP 343-1 PN, 6GK7 343-1EX21-0XE0, HW: Version 2, FW: Version V1.2.3, Ethernet Port 1, Rack 0, 100Mbit"</value>
</key>
<key name="ifType">
<value type="value">6</value>
</key>
<key name="ifMtu">
<value type="value">1000</value>
</key>
<key name="ifSpeed">
<value type="value">100000000</value>
</key>
<key name="ifPhysAddress">
<value type="value">"\x00\x0e\x8c\x29\xc5\x1a"</value>
</key>
<key name="ifAdminStatus">
<value type="value">1</value>
</key>
<key name="ifOperStatus">
<value type="value">1</value>
</key>
<key name="ifLastChange">
<value type="function">conpot.emulators.misc.uptime.Uptime</value>
</key>
<key name="FacilityName">
<value type="value">"Compagnie Generale des Eaux"</value>
</key>
<key name="0">
<value type="value">0</value>
</key>
<key name="1">
<value type="value">1</value>
</key>
<key name="ifInOctets">
<value type="value">1618895</value>
</key>
<key name="ifInUcastPkts">
<value type="value">7018</value>
</key>
<key name="ifInNUcastPkts">
<value type="value">291</value>
</key>
<key name="ifOutOctets">
<value type="value">455107</value>
</key>
<key name="ifOutUcastPkts">
<value type="value">872264</value>
</key>
<key name="ifOutUNcastPkts">
<value type="value">143</value>
</key>
<!-- IP-MIB -->
<key name="ipForwarding">
<value type="value">2</value>
</key>
<key name="ipDefaultTTL">
<value type="value">60</value>
</key>
<key name="ipInReceives">
<value type="value">31271</value>
</key>
<key name="ipInHdrErrors">
<value type="value">0</value>
</key>
<key name="ipInAddrErrors">
<value type="value">0</value>
</key>
<key name="ipForwDatagrams">
<value type="value">0</value>
</key>
<key name="ipInUnknownProtos">
<value type="value">0</value>
</key>
<key name="ipInDiscards">
<value type="value">0</value>
</key>
<key name="ipInDelivers">
<value type="value">31282</value>
</key>
<key name="ipOutRequests">
<value type="value">69023</value>
</key>
<key name="ipOutDiscards">
<value type="value">0</value>
</key>
<key name="ipOutNoRoutes">
<value type="value">0</value>
</key>
<key name="ipReasmTimeout">
<value type="value">60</value>
</key>
<key name="ipReasmReqds">
<value type="value">7</value>
</key>
<key name="ipReasmOKs">
<value type="value">3</value>
</key>
<key name="ipReasmFails">
<value type="value">0</value>
</key>
<key name="ipFragOKs">
<value type="value">0</value>
</key>
<key name="ipFragFails">
<value type="value">0</value>
</key>
<key name="ipFragCreates">
<value type="value">0</value>
</key>
<key name="ipAdEntAddr">
<value type="value">"163.172.189.137"</value>
</key>
<key name="ipAdEntIfIndex">
<value type="value">1</value>
</key>
<key name="ipAdEntNetMask">
<value type="value">"255.255.255.255"</value>
</key>
<key name="ipAdEntBcastAddr">
<value type="value">1</value>
</key>
<key name="ipAdEntReasmMaxSize">
<value type="value">65528</value>
</key>
<key name="ipRoutingDiscards">
<value type="value">0</value>
</key>
<key name="icmpInMsgs">
<value type="value">4</value>
</key>
<key name="icmpInErrors">
<value type="value">0</value>
</key>
<key name="icmpInDestUnreachs">
<value type="value">1</value>
</key>
<key name="icmpInTimeExcds">
<value type="value">0</value>
</key>
<key name="icmpInParmProbs">
<value type="value">0</value>
</key>
<key name="icmpInSrcQuenchs">
<value type="value">0</value>
</key>
<key name="icmpInRedirects">
<value type="value">0</value>
</key>
<key name="icmpInEchos">
<value type="value">0</value>
</key>
<key name="icmpInEchoReps">
<value type="value">0</value>
</key>
<key name="icmpInTimestamps">
<value type="value">0</value>
</key>
<key name="icmpInTimestampReps">
<value type="value">0</value>
</key>
<key name="icmpInAddrMasks">
<value type="value">0</value>
</key>
<key name="icmpInAddrMaskReps">
<value type="value">0</value>
</key>
<key name="icmpOutMsgs">
<value type="value">0</value>
</key>
<key name="icmpOutErrors">
<value type="value">0</value>
</key>
<key name="icmpOutDestUnreachs">
<value type="value">144</value>
</key>
<key name="icmpOutTimeExcds">
<value type="value">0</value>
</key>
<key name="icmpOutParmProbs">
<value type="value">0</value>
</key>
<key name="icmpOutSrcQuenchs">
<value type="value">0</value>
</key>
<key name="icmpOutRedirects">
<value type="value">0</value>
</key>
<key name="icmpOutEchos">
<value type="value">0</value>
</key>
<key name="icmpOutEchoReps">
<value type="value">0</value>
</key>
<key name="icmpOutTimestamps">
<value type="value">0</value>
</key>
<key name="icmpOutTimestampReps">
<value type="value">0</value>
</key>
<key name="icmpOutAddrMasks">
<value type="value">0</value>
</key>
<key name="icmpOutAddrMaskReps">
<value type="value">0</value>
</key>
<!-- TCP-MIB -->
<key name="tcpRtoAlgorithm">
<value type="value">2</value>
</key>
<key name="tcpRtoMin">
<value type="value">0</value>
</key>
<key name="tcpRtoMax">
<value type="value">100</value>
</key>
<key name="tcpMaxConn">
<value type="value">-1</value>
</key>
<key name="tcpActiveOpens">
<value type="value">0</value>
</key>
<key name="tcpPassiveOpens">
<value type="value">101</value>
</key>
<key name="tcpAttemptFails">
<value type="value">42</value>
</key>
<key name="tcpEstabResets">
<value type="value">45</value>
</key>
<key name="tcpCurrEstab">
<value type="value">0</value>
</key>
<key name="tcpInSegs">
<value type="value">30321</value>
</key>
<key name="tcpOutSegs">
<value type="value">67821</value>
</key>
<key name="tcpRetransSegs">
<value type="value">2511</value>
</key>
<key name="tcpConnState">
<value type="value">2</value>
</key>
<key name="tcpConnLocalAddress">
<value type="value">"163.172.189.137"</value>
</key>
<key name="tcpConnLocalPort">
<value type="value">2404</value>
</key>
<key name="tcpConnRemAddress">
<value type="value">"0.0.0.0"</value>
</key>
<key name="tcpConnRemPort">
<value type="value">0</value>
</key>
<key name="tcpInErrs">
<value type="value">1</value>
</key>
<key name="tcpOutRsts">
<value type="value">728</value>
</key>
<!-- UDP-MIB -->
<key name="udpInDatagrams">
<value type="value">1441</value>
</key>
<key name="udpNoPorts">
<value type="value">1280</value>
</key>
<key name="udpInErrors">
<value type="value">23</value>
</key>
<key name="udpOutDatagrams">
<value type="value">47</value>
</key>
<key name="udpLocalAddress">
<value type="value">"163.172.189.137"</value>
</key>
<key name="udpLocalPort">
<value type="value">161</value>
</key>
<key name="SystemName">
<value type="value">"CP 343-1 IT"</value>
</key>
<!-- IEC104 Protocol parameter -->
<!-- Timeout of connection establishment -->
<key name="T_0">
<value type="value">30</value>
</key>
<!-- Timeout of send or test APDUs (Wartezeit auf Quittung) -->
<key name="T_1">
<value type="value">15</value>
</key>
<!-- Timeout for acknowledges in case of no data messages T_2 < T_1 (Quittieren nach x sek) -->
<key name="T_2">
<value type="value">10</value>
</key>
<!-- Timeout for sending test frames in case of a long idle state -->
<key name="T_3">
<value type="value">20</value>
</key>
<!-- Maximum difference receive sequence number to send state variable (Max. Anzahl unquittierter Telegramme) -->
<!-- not implemented yet -->
<key name="k">
<value type="value">12</value>
</key>
<!-- Latest acknowledge after receiving w I-format APDUs (Quittieren nach w Telegrammen) -->
<key name="w">
<value type="value">8</value>
</key>
<!-- Maximum frame size (in bytes) -->
<key name="MaxFrameSize">
<value type="value">254</value>
</key>
<!-- Devices -->
<!-- 13- -->
<key name="13_20">
<value type="value">1</value>
</key>
<key name="13_21">
<value type="value">0</value>
</key>
<key name="13_22">
<value type="value">0</value>
</key>
<key name="13_24">
<value type="value">1</value>
</key>
<key name="13_25">
<value type="value">1</value>
</key>
<key name="13_32">
<value type="value">1</value>
</key>
<key name="13_33">
<value type="value">1</value>
</key>
<key name="13_34">
<value type="value">1</value>
</key>
<key name="13_35">
<value type="value">1</value>
</key>
<key name="13_36">
<value type="value">1</value>
</key>
<key name="13_37">
<value type="value">1</value>
</key>
<key name="13_38">
<value type="value">1</value>
</key>
<key name="13_39">
<value type="value">1</value>
</key>
<key name="13_40">
<value type="value">0</value>
</key>
<key name="13_41">
<value type="value">1</value>
</key>
<key name="13_42">
<value type="value">0</value>
</key>
<!-- 22- -->
<key name="22_19">
<value type="value">1</value>
</key>
<key name="22_20">
<value type="value">1</value>
</key>
<key name="22_21">
<value type="value">0</value>
</key>
<key name="22_22">
<value type="value">0</value>
</key>
<key name="22_24">
<value type="value">1</value>
</key>
<key name="22_25">
<value type="value">1</value>
</key>
<key name="22_42">
<value type="value">1</value>
</key>
<key name="22_43">
<value type="value">1</value>
</key>
<key name="22_54">
<value type="value">1</value>
</key>
<!-- 33- -->
<key name="33_2">
<value type="value">1</value>
</key>
<key name="33_3">
<value type="value">2</value>
</key>
<key name="33_4">
<value type="value">1</value>
</key>
<key name="33_5">
<value type="value">2</value>
</key>
<key name="33_6">
<value type="value">2</value>
</key>
<key name="33_7">
<value type="value">1</value>
</key>
<key name="33_8">
<value type="value">1</value>
</key>
<key name="33_9">
<value type="value">1</value>
</key>
<key name="33_10">
<value type="value">1</value>
</key>
<key name="33_11">
<value type="value">1</value>
</key>
<!-- 60- -->
<key name="60_6">
<value type="value">2</value>
</key>
<key name="60_7">
<value type="value">1</value>
</key>
<key name="60_8">
<value type="value">1</value>
</key>
<key name="60_9">
<value type="value">1</value>
</key>
<key name="60_20">
<value type="value">1</value>
</key>
<key name="60_21">
<value type="value">1</value>
</key>
<key name="60_32">
<value type="value">1</value>
</key>
<key name="60_34">
<value type="value">1</value>
</key>
<key name="60_35">
<value type="value">1</value>
</key>
<key name="60_36">
<value type="value">1</value>
</key>
<!-- 100- -->
<key name="100_12">
<value type="value">103</value>
</key>
<key name="100_13">
<value type="value">31</value>
</key>
<key name="100_51">
<value type="value">-49</value>
</key>
<key name="100_108">
<value type="value">28871</value>
</key>
<key name="100_109">
<value type="value">13781</value>
</key>
<key name="100_178">
<value type="value">119</value>
</key>
<key name="100_179">
<value type="value">219</value>
</key>
<key name="100_190">
<value type="value">1009</value>
</key>
<key name="100_191">
<value type="value">-2</value>
</key>
<key name="100_192">
<value type="value">701</value>
</key>
<key name="100_193">
<value type="value">441</value>
</key>
<!-- 101- -->
<key name="101_63">
<value type="value">103</value>
</key>
<key name="101_205">
<value type="value">31</value>
</key>
<key name="101_100">
<value type="value">5</value>
</key>
<key name="101_101">
<value type="value">49</value>
</key>
<key name="101_102">
<value type="value">119</value>
</key>
<key name="101_105">
<value type="value">500</value>
</key>
<key name="101_106">
<value type="value">1</value>
</key>
<!-- 107- -->
<key name="107_3">
<value type="value">16.2</value>
</key>
<key name="107_77">
<value type="value">15.9</value>
</key>
<key name="107_78">
<value type="value">512.1</value>
</key>
<key name="107_79">
<value type="value">433.4</value>
</key>
<key name="107_90">
<value type="value">344.4</value>
</key>
<key name="107_130">
<value type="value">-0.44013</value>
</key>
<key name="107_131">
<value type="value">43.0</value>
</key>
<key name="107_132">
<value type="value">41.2</value>
</key>
<key name="107_141">
<value type="value">12.1</value>
</key>
<key name="107_200">
<value type="value">91</value>
</key>
<key name="107_201">
<value type="value">98.8</value>
</key>
<key name="107_202">
<value type="value">110</value>
</key>
<key name="107_203">
<value type="value">85.1</value>
</key>
<key name="107_204">
<value type="value">85.2</value>
</key>
<key name="107_205">
<value type="value">410</value>
</key>
<key name="107_206">
<value type="value">592</value>
</key>
<key name="107_207">
<value type="value">1.5</value>
</key>
<key name="107_208">
<value type="value">44.7</value>
</key>
<key name="107_209">
<value type="value">11.9</value>
</key>
<key name="107_210">
<value type="value">221.45</value>
</key>
<key name="107_211">
<value type="value">13.4</value>
</key>
<key name="107_212">
<value type="value">0.000402</value>
</key>
<!-- 109- -->
<key name="109_3">
<value type="value">16.2</value>
</key>
<key name="109_7">
<value type="value">15.9</value>
</key>
<key name="109_8">
<value type="value">880</value>
</key>
<key name="109_10">
<value type="value">344.4</value>
</key>
<key name="109_40">
<value type="value">41.2</value>
</key>
<key name="109_41">
<value type="value">12.1</value>
</key>
<key name="empty">
<value type="value">""</value>
</key>
</key_value_mappings>
</databus>
</core>

58
docker/conpot_IEC104/dist/conpot_IEC104.cfg vendored
View file

@ -1,58 +0,0 @@
[common]
sensorid = conpot_IEC104
[session]
timeout = 30
[daemon]
user = conpot_IEC104
group = conpot_IEC104
[json]
enabled = True
filename = /var/log/conpot_IEC104/conpot_IEC104.json
[sqlite]
enabled = False
[mysql]
enabled = False
device = /tmp/mysql.sock
host = localhost
port = 3306
db = conpot_IEC104
username = conpot_IEC104
passphrase = conpot_IEC104
socket = tcp ; tcp (sends to host:port), dev (sends to mysql device/socket file)
[syslog]
enabled = False
device = /dev/log
host = localhost
port = 514
facility = local0
socket = dev ; udp (sends to host:port), dev (sends to device)
[hpfriends]
enabled = False
host = hpfriends.honeycloud.net
port = 20000
ident = 3Ykf9Znv
secret = 4nFRhpm44QkG9cvD
channels = ["conpot.events", ]
[taxii]
enabled = False
host = taxiitest.mitre.org
port = 80
inbox_path = /services/inbox/default/
use_https = False
[fetch_public_ip]
enabled = True
urls = ["http://whatismyip.akamai.com/", "http://wgetip.com/"]
[change_mac_addr]
enabled = False
iface = eth0
addr = 00:de:ad:be:ef:00

23
docker/conpot_IEC104/dist/requirements.txt vendored
View file

@ -1,23 +0,0 @@
gevent>=1.0
pysnmp==4.3.5
pysmi==0.1.3
lxml
bottle
jinja2
beautifulsoup4
requests
sphinx==1.5.5
libtaxii>=1.1.0
MySQL-python
xlrd
crc16
enum
hpfeeds
modbus-tk
stix-validator
stix
cybox
bacpypes==0.13.8
pyghmi
mixbox
modbus-tk

BIN
docker/conpot_IEC104/doc/dashboard.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 284 KiB

18
docker/conpot_IEC104/docker-compose.yml
View file

@ -1,18 +0,0 @@
version: '2.1'
networks:
conpot_IEC104_local:
services:
# Conpot service using IEC104 Template
conpot_IEC104:
container_name: conpot_IEC104
restart: always
networks:
- conpot_IEC104_local
ports:
- "2404:2404"
image: "dtagdevsec/conpot:1710"
volumes:
- /data/conpot_IEC104/log:/var/log/conpot_IEC104

2
docker/conpot_default/Dockerfile
View file

@ -33,7 +33,7 @@ RUN apk -U add bash \
addgroup -g 2000 conpot_default && \
adduser -S -s /bin/bash -u 2000 -D -g 2000 conpot_default && \
mkdir -p /etc/conpot_default /var/log/conpot_default && \
mv /root/dist/conpot.cfg /etc/conpot_default/conpot_default.cfg && \
mv /root/dist/conpot_default.cfg /etc/conpot_default/conpot_default.cfg && \
mv /root/dist/default/template.xml /usr/lib/python2.7/site-packages/Conpot-0.5.1-py2.7.egg/conpot_default/templates/default/ && \
# Clean up

0
docker/conpot_IEC104/dist/IEC104/IEC104/IEC104.xml → docker/conpot_default/dist/default/IEC104/IEC104.xml vendored
View file

2
docker/conpot_default/dist/default/template.xml vendored
View file

@ -4,7 +4,7 @@
<entity name="unit">S7-200</entity>
<entity name="vendor">Siemens</entity>
<entity name="description">Rough simulation of a basic Siemens S7-200 CPU with 2 slaves</entity>
<entity name="protocols">MODBUS, s7comm, SNMP, Bacnet</entity>
<entity name="protocols">MODBUS, s7comm, SNMP, Bacnet, IEC104</entity>
<entity name="creator">the conpot team</entity>
</template>
<databus>

1
docker/conpot_default/docker-compose.yml
View file

@ -14,6 +14,7 @@ services:
ports:
- "102:102"
- "502:502"
- "2404:2404"
- "47808:47808"
- "161:161/udp"
image: "dtagdevsec/conpot:1710"

2
docker/conpot_guardianast/Dockerfile
View file

@ -33,7 +33,7 @@ RUN apk -U add bash \
addgroup -g 2000 conpot_guardian_ast && \
adduser -S -s /bin/bash -u 2000 -D -g 2000 conpot_guardian_ast && \
mkdir -p /etc/conpot_guardian_ast /var/log/conpot_guardian_ast && \
mv /root/dist/conpot.cfg /etc/conpot_guardian_ast/conpot_guardian_ast.cfg && \
mv /root/dist/conpot_guardian_ast.cfg /etc/conpot_guardian_ast/conpot_guardian_ast.cfg && \
mv /root/dist/guardian_ast/template.xml /usr/lib/python2.7/site-packages/Conpot-0.5.1-py2.7.egg/conpot_guardian_ast/templates/guardian_ast/ && \
# Clean up

0
docker/conpot_guardianast/dist/conpot_guardianast.cfg → docker/conpot_guardianast/dist/conpot_guardian_ast.cfg vendored
View file

2
docker/conpot_kamstrup/Dockerfile
View file

@ -33,7 +33,7 @@ RUN apk -U add bash \
addgroup -g 2000 conpot_kamstrup && \
adduser -S -s /bin/bash -u 2000 -D -g 2000 conpot_kamstrup && \
mkdir -p /etc/conpot_kamstrup /var/log/conpot_kamstrup && \
mv /root/dist/conpot.cfg /etc/conpot_kamstrup/conpot_kamstrup.cfg && \
mv /root/dist/conpot_kamstrup.cfg /etc/conpot_kamstrup/conpot_kamstrup.cfg && \
mv /root/dist/kamstrup_382/template.xml /usr/lib/python2.7/site-packages/Conpot-0.5.1-py2.7.egg/conpot_kamstrup/templates/kamstrup_382/ && \
# Clean up

14
etc/compose/all.yml
View file

@ -6,7 +6,6 @@ networks:
conpot_kamstrup_local:
conpot_default_local:
conpot_guardian_ast_local:
conpot_IEC104_local:
cowrie_local:
dionaea_local:
elasticpot_local:
@ -43,6 +42,7 @@ services:
ports:
- "102:102"
- "502:502"
- "2404:2404"
- "47808:47808"
- "161:161/udp"
image: "dtagdevsec/conpot:1710"
@ -61,18 +61,6 @@ services:
volumes:
- /data/conpot_guardian_ast_local/log:/var/log/conpot_guardian_ast_local
# Conpot service - IEC104 Template
conpot_IEC104:
container_name: conpot_IEC104
restart: always
networks:
- conpot_IEC104_local
ports:
- "2404:2404"
image: "dtagdevsec/conpot:1710"
volumes:
- /data/conpot_IEC104_local/log:/var/log/conpot_IEC104_local
# Cowrie service
cowrie:
container_name: cowrie

15
etc/compose/industrial.yml
View file

@ -6,7 +6,6 @@ networks:
conpot_kamstrup_local:
conpot_default_local:
conpot_guardian_ast_local:
conpot_IEC104_local:
emobility_local:
ewsposter_local:
spiderfoot_local:
@ -36,6 +35,7 @@ services:
ports:
- "102:102"
- "502:502"
- "2404:2404"
- "47808:47808"
- "161:161/udp"
image: "dtagdevsec/conpot:1710"
@ -53,19 +53,6 @@ services:
image: "dtagdevsec/conpot:1710"
volumes:
- /data/conpot_guardian_ast_local/log:/var/log/conpot_guardian_ast_local
# Conpot service - IEC104 Template
conpot_IEC104:
container_name: conpot_IEC104
restart: always
networks:
- conpot_IEC104_local
ports:
- "2404:2404"
image: "dtagdevsec/conpot:1710"
volumes:
- /data/conpot_IEC104_local/log:/var/log/conpot_IEC104_local
# ELK services
## Elasticsearch service

2
etc/logrotate/logrotate.conf
View file

@ -4,8 +4,6 @@
/data/conpot_kamstrup/log/conpot.log
/data/conpot_guardianast/log/conpot.json
/data/conpot_guardianast/log/conpot.log
/data/conpot_IEC104/log/conpot.json
/data/conpot_IEC104/log/conpot.log
/data/cowrie/log/cowrie.json
/data/cowrie/log/cowrie-textlog.log
/data/cowrie/log/lastlog.txt