diff --git a/docker/conpot_IEC104/Dockerfile b/docker/conpot_IEC104/Dockerfile
deleted file mode 100644
index fac843dd..00000000
--- a/docker/conpot_IEC104/Dockerfile
+++ /dev/null
@@ -1,54 +0,0 @@
-FROM alpine
-MAINTAINER MO
-
-# Include dist
-ADD dist/ /root/dist/
-
-# Setup apt
-RUN apk -U add bash \
- build-base \
- file \
- git \
- libev \
- libtool \
- libxslt \
- libxslt-dev \
- mariadb-dev \
- mariadb-client-libs \
- pkgconfig \
- python \
- python-dev \
- py-cffi && \
-
-# Setup ConPot
- git clone https://github.com/mushorg/conpot /opt/conpot_IEC104/ && \
- cd /opt/conpot_IEC104/ && \
- git checkout d97a68a054e4fe42ff90293188a5702ce8ab09a3 && \
- cp /root/dist/requirements.txt /opt/conpot_IEC104/ && \
- python setup.py install && \
- cd / && \
- rm -rf /opt/conpot_IEC104 /tmp/* /var/tmp/* && \
-
-# Setup user, groups and configs
- addgroup -g 2000 conpot_IEC104 && \
- adduser -S -s /bin/bash -u 2000 -D -g 2000 conpot_IEC104 && \
- mkdir -p /etc/conpot_IEC104 /var/log/conpot_IEC104 && \
- mv /root/dist/conpot.cfg /etc/conpot_IEC104/conpot_IEC104.cfg && \
- mv /root/dist/IEC104/template.xml /usr/lib/python2.7/site-packages/Conpot-0.5.1-py2.7.egg/conpot_IEC104/templates/IEC104/ && \
-
-# Clean up
- apk del build-base \
- file \
- git \
- libev \
- libtool \
- libxslt-dev \
- mariadb-dev \
- pkgconfig \
- python-dev \
- py-cffi && \
- rm -rf /root/* && \
- rm -rf /var/cache/apk/*
-
-# Run supervisor upon container start
-CMD ["/usr/bin/conpot", "--template", "IEC104", "--logfile", "/var/log/conpot_IEC104/conpot_IEC104.log", "--config", "/etc/conpot_IEC104/conpot_IEC104.cfg"]
diff --git a/docker/conpot_IEC104/README.md b/docker/conpot_IEC104/README.md
deleted file mode 100644
index 6b8c2078..00000000
--- a/docker/conpot_IEC104/README.md
+++ /dev/null
@@ -1,15 +0,0 @@
-[](https://microbadger.com/images/dtagdevsec/conpot:1710 "Get your own version badge on microbadger.com") [](https://microbadger.com/images/dtagdevsec/conpot:1710 "Get your own image badge on microbadger.com")
-
-# conpot
-
-[ConPot](http://conpot.org/) is a low interactive server side Industrial Control Systems honeypot designed to be easy to deploy, modify and extend. By providing a range of common industrial control protocols we created the basics to build your own system, capable to emulate complex infrastructures to convince an adversary that he just found a huge industrial complex. To improve the deceptive capabilities, we also provided the possibility to server a custom human machine interface to increase the honeypots attack surface. The response times of the services can be artificially delayed to mimic the behavior of a system under constant load. Because we are providing complete stacks of the protocols, Conpot can be accessed with productive HMI's or extended with real hardware. Conpot is developed under the umbrella of the [Honeynet Project](https://www.honeynet.org/) and on the shoulders of a couple of very big giants.
-
-This dockerized version is part of the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** of Deutsche Telekom AG.
-
-The `Dockerfile` contains the blueprint for the dockerized conpot and will be used to setup the docker image.
-
-The `docker-compose.yml` contains the necessary settings to test conpot using `docker-compose`. This will ensure to start the docker container with the appropriate permissions and port mappings.
-
-# ConPot Dashboard
-
-
diff --git a/docker/conpot_IEC104/dist/IEC104/template.xml b/docker/conpot_IEC104/dist/IEC104/template.xml
deleted file mode 100644
index 612f3048..00000000
--- a/docker/conpot_IEC104/dist/IEC104/template.xml
+++ /dev/null
@@ -1,675 +0,0 @@
-
-
-
-
-
- S7-300
- Siemens
- Creates a simple device for IEC 60870-5-104
- IEC104
- Patrick Reichenberger
-
-
-
-
-
-
- "Siemens, SIMATIC, S7-300"
-
-
- "0.0"
-
-
- conpot.emulators.misc.uptime.Uptime
-
-
- ""
-
-
- ""
-
-
- ""
-
-
- "72"
-
-
-
- 1
-
-
- 1
-
-
- "Siemens, SIMATIC NET, CP 343-1 PN, 6GK7 343-1EX21-0XE0, HW: Version 2, FW: Version V1.2.3, Ethernet Port 1, Rack 0, 100Mbit"
-
-
- 6
-
-
- 1000
-
-
- 100000000
-
-
- "\x00\x0e\x8c\x29\xc5\x1a"
-
-
- 1
-
-
- 1
-
-
- conpot.emulators.misc.uptime.Uptime
-
-
- "Compagnie Generale des Eaux"
-
-
- 0
-
-
- 1
-
-
- 1618895
-
-
- 7018
-
-
- 291
-
-
- 455107
-
-
- 872264
-
-
- 143
-
-
-
-
- 2
-
-
- 60
-
-
- 31271
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 31282
-
-
- 69023
-
-
- 0
-
-
- 0
-
-
- 60
-
-
- 7
-
-
- 3
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- "163.172.189.137"
-
-
- 1
-
-
- "255.255.255.255"
-
-
- 1
-
-
- 65528
-
-
- 0
-
-
- 4
-
-
- 0
-
-
- 1
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 144
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
- 0
-
-
-
-
- 2
-
-
- 0
-
-
- 100
-
-
- -1
-
-
- 0
-
-
- 101
-
-
- 42
-
-
- 45
-
-
- 0
-
-
- 30321
-
-
- 67821
-
-
- 2511
-
-
- 2
-
-
- "163.172.189.137"
-
-
- 2404
-
-
- "0.0.0.0"
-
-
- 0
-
-
- 1
-
-
- 728
-
-
-
- 1441
-
-
- 1280
-
-
- 23
-
-
- 47
-
-
- "163.172.189.137"
-
-
- 161
-
-
- "CP 343-1 IT"
-
-
-
-
-
-
- 30
-
-
-
- 15
-
-
-
- 10
-
-
-
- 20
-
-
-
-
- 12
-
-
-
- 8
-
-
-
- 254
-
-
-
-
-
- 1
-
-
- 0
-
-
- 0
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 0
-
-
- 1
-
-
- 0
-
-
-
-
- 1
-
-
- 1
-
-
- 0
-
-
- 0
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
-
-
- 1
-
-
- 2
-
-
- 1
-
-
- 2
-
-
- 2
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
-
-
- 2
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
- 1
-
-
-
-
- 103
-
-
- 31
-
-
- -49
-
-
- 28871
-
-
- 13781
-
-
- 119
-
-
- 219
-
-
- 1009
-
-
- -2
-
-
- 701
-
-
- 441
-
-
-
-
- 103
-
-
- 31
-
-
- 5
-
-
- 49
-
-
- 119
-
-
- 500
-
-
- 1
-
-
-
-
- 16.2
-
-
- 15.9
-
-
- 512.1
-
-
- 433.4
-
-
- 344.4
-
-
- -0.44013
-
-
- 43.0
-
-
- 41.2
-
-
- 12.1
-
-
- 91
-
-
- 98.8
-
-
- 110
-
-
- 85.1
-
-
- 85.2
-
-
- 410
-
-
- 592
-
-
- 1.5
-
-
- 44.7
-
-
- 11.9
-
-
- 221.45
-
-
- 13.4
-
-
- 0.000402
-
-
-
-
- 16.2
-
-
- 15.9
-
-
- 880
-
-
- 344.4
-
-
- 41.2
-
-
- 12.1
-
-
-
- ""
-
-
-
-
diff --git a/docker/conpot_IEC104/dist/conpot_IEC104.cfg b/docker/conpot_IEC104/dist/conpot_IEC104.cfg
deleted file mode 100644
index df43cd78..00000000
--- a/docker/conpot_IEC104/dist/conpot_IEC104.cfg
+++ /dev/null
@@ -1,58 +0,0 @@
-[common]
-sensorid = conpot_IEC104
-
-[session]
-timeout = 30
-
-[daemon]
-user = conpot_IEC104
-group = conpot_IEC104
-
-[json]
-enabled = True
-filename = /var/log/conpot_IEC104/conpot_IEC104.json
-
-[sqlite]
-enabled = False
-
-[mysql]
-enabled = False
-device = /tmp/mysql.sock
-host = localhost
-port = 3306
-db = conpot_IEC104
-username = conpot_IEC104
-passphrase = conpot_IEC104
-socket = tcp ; tcp (sends to host:port), dev (sends to mysql device/socket file)
-
-[syslog]
-enabled = False
-device = /dev/log
-host = localhost
-port = 514
-facility = local0
-socket = dev ; udp (sends to host:port), dev (sends to device)
-
-[hpfriends]
-enabled = False
-host = hpfriends.honeycloud.net
-port = 20000
-ident = 3Ykf9Znv
-secret = 4nFRhpm44QkG9cvD
-channels = ["conpot.events", ]
-
-[taxii]
-enabled = False
-host = taxiitest.mitre.org
-port = 80
-inbox_path = /services/inbox/default/
-use_https = False
-
-[fetch_public_ip]
-enabled = True
-urls = ["http://whatismyip.akamai.com/", "http://wgetip.com/"]
-
-[change_mac_addr]
-enabled = False
-iface = eth0
-addr = 00:de:ad:be:ef:00
diff --git a/docker/conpot_IEC104/dist/requirements.txt b/docker/conpot_IEC104/dist/requirements.txt
deleted file mode 100644
index ca8e6871..00000000
--- a/docker/conpot_IEC104/dist/requirements.txt
+++ /dev/null
@@ -1,23 +0,0 @@
-gevent>=1.0
-pysnmp==4.3.5
-pysmi==0.1.3
-lxml
-bottle
-jinja2
-beautifulsoup4
-requests
-sphinx==1.5.5
-libtaxii>=1.1.0
-MySQL-python
-xlrd
-crc16
-enum
-hpfeeds
-modbus-tk
-stix-validator
-stix
-cybox
-bacpypes==0.13.8
-pyghmi
-mixbox
-modbus-tk
diff --git a/docker/conpot_IEC104/doc/dashboard.png b/docker/conpot_IEC104/doc/dashboard.png
deleted file mode 100644
index b4830b52..00000000
Binary files a/docker/conpot_IEC104/doc/dashboard.png and /dev/null differ
diff --git a/docker/conpot_IEC104/docker-compose.yml b/docker/conpot_IEC104/docker-compose.yml
deleted file mode 100644
index ad518721..00000000
--- a/docker/conpot_IEC104/docker-compose.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-version: '2.1'
-
-networks:
- conpot_IEC104_local:
-
-services:
-
-# Conpot service using IEC104 Template
- conpot_IEC104:
- container_name: conpot_IEC104
- restart: always
- networks:
- - conpot_IEC104_local
- ports:
- - "2404:2404"
- image: "dtagdevsec/conpot:1710"
- volumes:
- - /data/conpot_IEC104/log:/var/log/conpot_IEC104
diff --git a/docker/conpot_default/Dockerfile b/docker/conpot_default/Dockerfile
index d31d7c68..2bf10405 100644
--- a/docker/conpot_default/Dockerfile
+++ b/docker/conpot_default/Dockerfile
@@ -33,7 +33,7 @@ RUN apk -U add bash \
addgroup -g 2000 conpot_default && \
adduser -S -s /bin/bash -u 2000 -D -g 2000 conpot_default && \
mkdir -p /etc/conpot_default /var/log/conpot_default && \
- mv /root/dist/conpot.cfg /etc/conpot_default/conpot_default.cfg && \
+ mv /root/dist/conpot_default.cfg /etc/conpot_default/conpot_default.cfg && \
mv /root/dist/default/template.xml /usr/lib/python2.7/site-packages/Conpot-0.5.1-py2.7.egg/conpot_default/templates/default/ && \
# Clean up
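Review bot: Only `template.xml` is moved into the installed `templates/default/` directory in this hunk, although the same commit adds `dist/default/IEC104/IEC104.xml` and publishes port 2404 for this service. Unless the pinned upstream checkout already ships an `IEC104/IEC104.xml` for the default template, or a line outside this hunk copies it, the IEC104 definition never reaches the image and is probably discarded by the cleanup that follows. Consider moving it in the same step, e.g. `mv /root/dist/default/IEC104 /usr/lib/python2.7/site-packages/Conpot-0.5.1-py2.7.egg/conpot_default/templates/default/ && \` (copy the file into the directory instead if upstream already creates it). The RUN chain starts and ends outside the hunk, so this needs checking against the full file.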
diff --git a/docker/conpot_IEC104/dist/IEC104/IEC104/IEC104.xml b/docker/conpot_default/dist/default/IEC104/IEC104.xml
similarity index 100%
rename from docker/conpot_IEC104/dist/IEC104/IEC104/IEC104.xml
rename to docker/conpot_default/dist/default/IEC104/IEC104.xml
diff --git a/docker/conpot_default/dist/default/template.xml b/docker/conpot_default/dist/default/template.xml
index 975515fd..16db522e 100644
--- a/docker/conpot_default/dist/default/template.xml
+++ b/docker/conpot_default/dist/default/template.xml
@@ -4,7 +4,7 @@
S7-200
Siemens
Rough simulation of a basic Siemens S7-200 CPU with 2 slaves
- MODBUS, s7comm, SNMP, Bacnet
+ MODBUS, s7comm, SNMP, Bacnet, IEC104
the conpot team
diff --git a/docker/conpot_default/docker-compose.yml b/docker/conpot_default/docker-compose.yml
index 0da38e8e..a89a0097 100644
--- a/docker/conpot_default/docker-compose.yml
+++ b/docker/conpot_default/docker-compose.yml
@@ -14,6 +14,7 @@ services:
ports:
- "102:102"
- "502:502"
+ - "2404:2404"
- "47808:47808"
- "161:161/udp"
image: "dtagdevsec/conpot:1710"
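Review bot: The new `"2404:2404"` mapping is added while `image: "dtagdevsec/conpot:1710"` keeps the same tag, so a host with that tag already cached would publish the port with no IEC104 listener behind it until the image is pulled or rebuilt. A new tag or a digest pin, e.g. `image: "dtagdevsec/conpot:1710@sha256:<digest-placeholder>"`, would tie the compose change to an image that actually contains the template. The same applies to the port additions in `etc/compose/all.yml` and `etc/compose/industrial.yml`.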
diff --git a/docker/conpot_guardianast/Dockerfile b/docker/conpot_guardianast/Dockerfile
index 083a46d3..c85bdb20 100644
--- a/docker/conpot_guardianast/Dockerfile
+++ b/docker/conpot_guardianast/Dockerfile
@@ -33,7 +33,7 @@ RUN apk -U add bash \
addgroup -g 2000 conpot_guardian_ast && \
adduser -S -s /bin/bash -u 2000 -D -g 2000 conpot_guardian_ast && \
mkdir -p /etc/conpot_guardian_ast /var/log/conpot_guardian_ast && \
- mv /root/dist/conpot.cfg /etc/conpot_guardian_ast/conpot_guardian_ast.cfg && \
+ mv /root/dist/conpot_guardian_ast.cfg /etc/conpot_guardian_ast/conpot_guardian_ast.cfg && \
mv /root/dist/guardian_ast/template.xml /usr/lib/python2.7/site-packages/Conpot-0.5.1-py2.7.egg/conpot_guardian_ast/templates/guardian_ast/ && \
# Clean up
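Review bot: The log directory created here is `/var/log/conpot_guardian_ast`, but the compose files touched by this commit mount `/data/conpot_guardian_ast_local/log` at `/var/log/conpot_guardian_ast_local`, and `etc/logrotate/logrotate.conf` rotates `/data/conpot_guardianast/log/conpot.log`. If the service logs to the directory made in this hunk (the CMD is outside it), honeypot events stay in the container's writable layer and are neither persisted on the host nor rotated. Aligning the three names would keep the capture data, for instance `- /data/conpot_guardianast/log:/var/log/conpot_guardian_ast` in the compose volumes. The RUN chain continues outside the hunk.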
diff --git a/docker/conpot_guardianast/dist/conpot_guardianast.cfg b/docker/conpot_guardianast/dist/conpot_guardian_ast.cfg
similarity index 100%
rename from docker/conpot_guardianast/dist/conpot_guardianast.cfg
rename to docker/conpot_guardianast/dist/conpot_guardian_ast.cfg
diff --git a/docker/conpot_kamstrup/Dockerfile b/docker/conpot_kamstrup/Dockerfile
index 4a21b2af..89913abe 100644
--- a/docker/conpot_kamstrup/Dockerfile
+++ b/docker/conpot_kamstrup/Dockerfile
@@ -33,7 +33,7 @@ RUN apk -U add bash \
addgroup -g 2000 conpot_kamstrup && \
adduser -S -s /bin/bash -u 2000 -D -g 2000 conpot_kamstrup && \
mkdir -p /etc/conpot_kamstrup /var/log/conpot_kamstrup && \
- mv /root/dist/conpot.cfg /etc/conpot_kamstrup/conpot_kamstrup.cfg && \
+ mv /root/dist/conpot_kamstrup.cfg /etc/conpot_kamstrup/conpot_kamstrup.cfg && \
mv /root/dist/kamstrup_382/template.xml /usr/lib/python2.7/site-packages/Conpot-0.5.1-py2.7.egg/conpot_kamstrup/templates/kamstrup_382/ && \
# Clean up
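Review bot: In `adduser -S -s /bin/bash -u 2000 -D -g 2000 conpot_kamstrup`, BusyBox `adduser` treats `-g` as the GECOS field and `-G` as the group. The account is therefore not placed in the `conpot_kamstrup` group created on the line before, and most likely ends up in the default group for system users. That affects ownership of the log directory and any group-based privilege drop done by the daemon. `adduser -S -s /bin/bash -u 2000 -D -G conpot_kamstrup conpot_kamstrup && \` assigns the intended group. The same line appears in the `conpot_default` and `conpot_guardianast` hunks, and the RUN chain extends outside all three.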
diff --git a/etc/compose/all.yml b/etc/compose/all.yml
index 9cb4ad53..df0b6e00 100644
--- a/etc/compose/all.yml
+++ b/etc/compose/all.yml
@@ -6,7 +6,6 @@ networks:
conpot_kamstrup_local:
conpot_default_local:
conpot_guardian_ast_local:
- conpot_IEC104_local:
cowrie_local:
dionaea_local:
elasticpot_local:
@@ -43,6 +42,7 @@ services:
ports:
- "102:102"
- "502:502"
+ - "2404:2404"
- "47808:47808"
- "161:161/udp"
image: "dtagdevsec/conpot:1710"
@@ -61,18 +61,6 @@ services:
volumes:
- /data/conpot_guardian_ast_local/log:/var/log/conpot_guardian_ast_local
-# Conpot service - IEC104 Template
- conpot_IEC104:
- container_name: conpot_IEC104
- restart: always
- networks:
- - conpot_IEC104_local
- ports:
- - "2404:2404"
- image: "dtagdevsec/conpot:1710"
- volumes:
- - /data/conpot_IEC104_local/log:/var/log/conpot_IEC104_local
-
# Cowrie service
cowrie:
container_name: cowrie
diff --git a/etc/compose/industrial.yml b/etc/compose/industrial.yml
index 7685ce14..96a9d50d 100644
--- a/etc/compose/industrial.yml
+++ b/etc/compose/industrial.yml
@@ -6,7 +6,6 @@ networks:
conpot_kamstrup_local:
conpot_default_local:
conpot_guardian_ast_local:
- conpot_IEC104_local:
emobility_local:
ewsposter_local:
spiderfoot_local:
@@ -36,6 +35,7 @@ services:
ports:
- "102:102"
- "502:502"
+ - "2404:2404"
- "47808:47808"
- "161:161/udp"
image: "dtagdevsec/conpot:1710"
@@ -53,19 +53,6 @@ services:
image: "dtagdevsec/conpot:1710"
volumes:
- /data/conpot_guardian_ast_local/log:/var/log/conpot_guardian_ast_local
-
-# Conpot service - IEC104 Template
- conpot_IEC104:
- container_name: conpot_IEC104
- restart: always
- networks:
- - conpot_IEC104_local
- ports:
- - "2404:2404"
- image: "dtagdevsec/conpot:1710"
- volumes:
- - /data/conpot_IEC104_local/log:/var/log/conpot_IEC104_local
-
# ELK services
## Elasticsearch service
diff --git a/etc/logrotate/logrotate.conf b/etc/logrotate/logrotate.conf
index d5cc2ca6..b7d04552 100644
--- a/etc/logrotate/logrotate.conf
+++ b/etc/logrotate/logrotate.conf
@@ -4,8 +4,6 @@
/data/conpot_kamstrup/log/conpot.log
/data/conpot_guardianast/log/conpot.json
/data/conpot_guardianast/log/conpot.log
-/data/conpot_IEC104/log/conpot.json
-/data/conpot_IEC104/log/conpot.log
/data/cowrie/log/cowrie.json
/data/cowrie/log/cowrie-textlog.log
/data/cowrie/log/lastlog.txt