diff --git a/README.md b/README.md
index 5111aa6b..4558bd17 100644
--- a/README.md
+++ b/README.md
@@ -20,7 +20,6 @@ and includes dockerized versions of the following honeypots
* [heralding](https://github.com/johnnykv/heralding),
* [hellpot](https://github.com/yunginnanet/HellPot),
* [honeypots](https://github.com/qeeqbox/honeypots),
-* [honeypy](https://github.com/foospidy/HoneyPy),
* [honeysap](https://github.com/SecureAuthCorp/HoneySAP),
* [honeytrap](https://github.com/armedpot/honeytrap/),
* [ipphoney](https://gitlab.com/bontchev/ipphoney),
@@ -107,7 +106,6 @@ In T-Pot we combine the dockerized honeypots ...
* [heralding](https://github.com/johnnykv/heralding),
* [hellpot](https://github.com/yunginnanet/HellPot),
* [honeypots](https://github.com/qeeqbox/honeypots),
-* [honeypy](https://github.com/foospidy/HoneyPy),
* [honeysap](https://github.com/SecureAuthCorp/HoneySAP),
* [honeytrap](https://github.com/armedpot/honeytrap/),
* [ipphoney](https://gitlab.com/bontchev/ipphoney),
@@ -166,7 +164,7 @@ There are prebuilt installation types available each focussing on different aspe
##### Sensor
-- Honeypots: adbhoney, ciscoasa, citrixhoneypot, conpot, cowrie, dicompot, dionaea, elasticpot, heralding, honeypy, honeysap, honeytrap, mailoney, medpot, rdpy, snare & tanner
+- Honeypots: adbhoney, ciscoasa, citrixhoneypot, conpot, cowrie, dicompot, dionaea, elasticpot, heralding, honeysap, honeytrap, mailoney, medpot, rdpy, snare & tanner
- Tools: cockpit, ewsposter, fatt, p0f & suricata
- Since there is no ELK stack provided the Sensor Installation only requires 4 GB of RAM.
@@ -182,7 +180,7 @@ There are prebuilt installation types available each focussing on different aspe
##### NextGen
-- Honeypots: adbhoney, ciscoasa, citrixhoneypot, conpot, cowrie, dicompot, dionaea, glutton, heralding, honeypy, honeysap, ipphoney, mailoney, medpot, rdpy, snare & tanner
+- Honeypots: adbhoney, ciscoasa, citrixhoneypot, conpot, cowrie, dicompot, dionaea, glutton, heralding, honeysap, ipphoney, mailoney, medpot, rdpy, snare & tanner
- Tools: cockpit, cyberchef, ELK, fatt, elasticsearch head, ewsposter, nginx / heimdall, spiderfoot, p0f & suricata
@@ -500,7 +498,7 @@ We hope you understand that we cannot provide support on an individual basis. We
# Licenses
The software that T-Pot is built on uses the following licenses.
-
GPLv2: [conpot](https://github.com/mushorg/conpot/blob/master/LICENSE.txt), [dionaea](https://github.com/DinoTools/dionaea/blob/master/LICENSE), [honeysap](https://github.com/SecureAuthCorp/HoneySAP/blob/master/COPYING), [honeypy](https://github.com/foospidy/HoneyPy/blob/master/LICENSE), [honeytrap](https://github.com/armedpot/honeytrap/blob/master/LICENSE), [suricata](http://suricata-ids.org/about/open-source/)
+
GPLv2: [conpot](https://github.com/mushorg/conpot/blob/master/LICENSE.txt), [dionaea](https://github.com/DinoTools/dionaea/blob/master/LICENSE), [honeysap](https://github.com/SecureAuthCorp/HoneySAP/blob/master/COPYING), [honeytrap](https://github.com/armedpot/honeytrap/blob/master/LICENSE), [suricata](http://suricata-ids.org/about/open-source/)
GPLv3: [adbhoney](https://github.com/huuck/ADBHoney), [elasticpot](https://gitlab.com/bontchev/elasticpot/-/blob/master/LICENSE), [ewsposter](https://github.com/telekom-security/ews/), [log4pot](https://github.com/thomaspatzke/Log4Pot/blob/master/LICENSE), [fatt](https://github.com/0x4D31/fatt/blob/master/LICENSE), [rdpy](https://github.com/citronneur/rdpy/blob/master/LICENSE), [heralding](https://github.com/johnnykv/heralding/blob/master/LICENSE.txt), [ipphoney](https://gitlab.com/bontchev/ipphoney/-/blob/master/LICENSE), [redishoneypot](https://github.com/cypwnpwnsocute/RedisHoneyPot/blob/main/LICENSE), [snare](https://github.com/mushorg/snare/blob/master/LICENSE), [tanner](https://github.com/mushorg/snare/blob/master/LICENSE)
Apache 2 License: [cyberchef](https://github.com/gchq/CyberChef/blob/master/LICENSE), [dicompot](https://github.com/nsmfoo/dicompot/blob/master/LICENSE), [elasticsearch](https://github.com/elasticsearch/elasticsearch/blob/master/LICENSE.txt), [logstash](https://github.com/elasticsearch/logstash/blob/master/LICENSE), [kibana](https://github.com/elasticsearch/kibana/blob/master/LICENSE.md), [docker](https://github.com/docker/docker/blob/master/LICENSE), [elasticsearch-head](https://github.com/mobz/elasticsearch-head/blob/master/LICENCE)
MIT license: [ciscoasa](https://github.com/Cymmetria/ciscoasa_honeypot/blob/master/LICENSE), [ddospot](https://github.com/aelth/ddospot/blob/master/LICENSE), [glutton](https://github.com/mushorg/glutton/blob/master/LICENSE), [hellpot](https://github.com/yunginnanet/HellPot/blob/master/LICENSE)
@@ -537,7 +535,6 @@ Without open source and the fruitful development community (we are proud to be a
* [hellpot](https://github.com/yunginnanet/HellPot/graphs/contributors)
* [heralding](https://github.com/johnnykv/heralding/graphs/contributors)
* [honeypots](https://github.com/qeeqbox/honeypots/graphs/contributors)
-* [honeypy](https://github.com/foospidy/HoneyPy/graphs/contributors)
* [honeysap](https://github.com/SecureAuthCorp/HoneySAP/graphs/contributors)
* [honeytrap](https://github.com/armedpot/honeytrap/graphs/contributors)
* [ipphoney](https://gitlab.com/bontchev/ipphoney/-/project_members)
diff --git a/bin/clean.sh b/bin/clean.sh
index 494e4575..fc9975ee 100755
--- a/bin/clean.sh
+++ b/bin/clean.sh
@@ -205,14 +205,6 @@ fuHONEYPOTS () {
chown tpot:tpot /data/honeypots -R
}
-# Let's create a function to clean up and prepare honeypy data
-fuHONEYPY () {
- if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/honeypy/*; fi
- mkdir -p /data/honeypy/log
- chmod 770 /data/honeypy -R
- chown tpot:tpot /data/honeypy -R
-}
-
# Let's create a function to clean up and prepare honeysap data
fuHONEYSAP () {
if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/honeysap/*; fi
@@ -356,7 +348,6 @@ if [ "$myPERSISTENCE" = "on" ];
fuHELLPOT
fuHONEYSAP
fuHONEYPOTS
- fuHONEYPY
fuHONEYTRAP
fuIPPHONEY
fuLOG4POT
diff --git a/docker/honeypy/Dockerfile b/docker/deprecated/honeypy/Dockerfile
similarity index 100%
rename from docker/honeypy/Dockerfile
rename to docker/deprecated/honeypy/Dockerfile
diff --git a/docker/honeypy/dist/honeypy.cfg b/docker/deprecated/honeypy/dist/honeypy.cfg
similarity index 100%
rename from docker/honeypy/dist/honeypy.cfg
rename to docker/deprecated/honeypy/dist/honeypy.cfg
diff --git a/docker/honeypy/dist/services.cfg b/docker/deprecated/honeypy/dist/services.cfg
similarity index 100%
rename from docker/honeypy/dist/services.cfg
rename to docker/deprecated/honeypy/dist/services.cfg
diff --git a/docker/honeypy/docker-compose.yml b/docker/deprecated/honeypy/docker-compose.yml
similarity index 100%
rename from docker/honeypy/docker-compose.yml
rename to docker/deprecated/honeypy/docker-compose.yml
diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index 635ffac7..0353324d 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -57,11 +57,6 @@ services:
build: heralding/.
image: "dtagdevsec/heralding:2203"
-# HoneyPy service
- honeypy:
- build: honeypy/.
- image: "dtagdevsec/honeypy:2203"
-
# Honeytrap service
honeytrap:
build: honeytrap/.
diff --git a/docker/elk/logstash/dist/http_output.conf b/docker/elk/logstash/dist/http_output.conf
index 7d90509f..918ca732 100644
--- a/docker/elk/logstash/dist/http_output.conf
+++ b/docker/elk/logstash/dist/http_output.conf
@@ -119,13 +119,6 @@ input {
type => "Honeypots"
}
-# Honeypy
- file {
- path => ["/data/honeypy/log/json.log"]
- codec => json
- type => "Honeypy"
- }
-
# Honeysap
file {
path => ["/data/honeysap/log/honeysap-external.log"]
@@ -494,17 +487,6 @@ filter {
}
}
-# Honeypy
- if [type] == "Honeypy" {
- date {
- match => [ "timestamp", "ISO8601" ]
- remove_field => ["timestamp"]
- remove_field => ["date"]
- remove_field => ["time"]
- remove_field => ["millisecond"]
- }
- }
-
# Honeypots
if [type] == "Honeypots" {
date {
diff --git a/docker/elk/logstash/dist/logstash.conf b/docker/elk/logstash/dist/logstash.conf
index 08f03121..8af575c2 100644
--- a/docker/elk/logstash/dist/logstash.conf
+++ b/docker/elk/logstash/dist/logstash.conf
@@ -119,13 +119,6 @@ input {
type => "Honeypots"
}
-# Honeypy
- file {
- path => ["/data/honeypy/log/json.log"]
- codec => json
- type => "Honeypy"
- }
-
# Honeysap
file {
path => ["/data/honeysap/log/honeysap-external.log"]
@@ -494,17 +487,6 @@ filter {
}
}
-# Honeypy
- if [type] == "Honeypy" {
- date {
- match => [ "timestamp", "ISO8601" ]
- remove_field => ["timestamp"]
- remove_field => ["date"]
- remove_field => ["time"]
- remove_field => ["millisecond"]
- }
- }
-
# Honeypots
if [type] == "Honeypots" {
date {
diff --git a/docker/ews/dist/ews.cfg b/docker/ews/dist/ews.cfg
index 8e6badad..95da250d 100644
--- a/docker/ews/dist/ews.cfg
+++ b/docker/ews/dist/ews.cfg
@@ -154,7 +154,7 @@ nodeid = medpot-community-01
logfile = /data/medpot/log/medpot.log
[HONEYPY]
-honeypy = true
+honeypy = false
nodeid = honeypy-community-01
logfile = /data/honeypy/log/json.log
diff --git a/etc/compose/nextgen.yml b/etc/compose/nextgen.yml
index 233e5b75..fb94bbc9 100644
--- a/etc/compose/nextgen.yml
+++ b/etc/compose/nextgen.yml
@@ -18,7 +18,6 @@ networks:
endlessh_local:
hellpot_local:
heralding_local:
- honeypy_local:
honeysap_local:
ipphoney_local:
mailoney_local:
@@ -308,25 +307,6 @@ services:
volumes:
- /data/heralding/log:/var/log/heralding
-# HoneyPy service
- honeypy:
- container_name: honeypy
- restart: always
- networks:
- - honeypy_local
- ports:
- - "7:7"
- - "8:8"
- - "2048:2048"
- - "2323:2323"
- - "2324:2324"
- - "4096:4096"
- # - "9200:9200"
- image: "dtagdevsec/honeypy:2203"
- read_only: true
- volumes:
- - /data/honeypy/log:/opt/honeypy/log
-
# HoneySAP service
honeysap:
container_name: honeysap
diff --git a/etc/compose/sensor.yml b/etc/compose/sensor.yml
index c576dd70..810a2751 100644
--- a/etc/compose/sensor.yml
+++ b/etc/compose/sensor.yml
@@ -15,7 +15,6 @@ networks:
dionaea_local:
elasticpot_local:
heralding_local:
- honeypy_local:
honeysap_local:
mailoney_local:
medpot_local:
@@ -275,25 +274,6 @@ services:
volumes:
- /data/heralding/log:/var/log/heralding
-# HoneyPy service
- honeypy:
- container_name: honeypy
- restart: always
- networks:
- - honeypy_local
- ports:
- - "7:7"
- - "8:8"
- - "2048:2048"
- - "2323:2323"
- - "2324:2324"
- - "4096:4096"
- # - "9200:9200"
- image: "dtagdevsec/honeypy:2203"
- read_only: true
- volumes:
- - /data/honeypy/log:/opt/honeypy/log
-
# HoneySAP service
honeysap:
container_name: honeysap
diff --git a/etc/logrotate/logrotate.conf b/etc/logrotate/logrotate.conf
index 52631483..dd144cb4 100644
--- a/etc/logrotate/logrotate.conf
+++ b/etc/logrotate/logrotate.conf
@@ -24,7 +24,6 @@
/data/heralding/log/*.csv
/data/heralding/log/*.json
/data/honeypots/log/*.log
-/data/honeypy/log/*.log
/data/honeysap/log/*.log
/data/honeytrap/log/*.log
/data/honeytrap/log/*.json
diff --git a/iso/installer/install.sh b/iso/installer/install.sh
index 200f5068..bb9a0575 100755
--- a/iso/installer/install.sh
+++ b/iso/installer/install.sh
@@ -22,7 +22,7 @@ myLSB_STABLE_SUPPORTED="buster bullseye"
myLSB_TESTING_SUPPORTED="stable"
myREMOTESITES="https://hub.docker.com https://github.com https://pypi.python.org https://debian.org https://listbot.sicherheitstacho.eu"
myPREINSTALLPACKAGES="aria2 apache2-utils cracklib-runtime curl dialog figlet fuse grc libcrack2 libpq-dev lsb-release net-tools software-properties-common toilet"
-myINSTALLPACKAGES="aria2 apache2-utils apparmor apt-transport-https bash-completion build-essential ca-certificates cgroupfs-mount cockpit console-setup console-setup-linux cracklib-runtime curl debconf-utils dialog dnsutils docker.io docker-compose ethtool fail2ban figlet genisoimage git grc haveged html2text htop iptables iw jq kbd libcrack2 libltdl7 libpam-google-authenticator man mosh multitail net-tools npm ntp openssh-server openssl pass pigz prips software-properties-common sshpass syslinux psmisc pv python3-pip toilet unattended-upgrades unzip vim wget wireless-tools wpasupplicant"
+myINSTALLPACKAGES="aria2 apache2-utils apparmor apt-transport-https bash-completion bat build-essential ca-certificates cgroupfs-mount cockpit console-setup console-setup-linux cracklib-runtime curl debconf-utils dialog dnsutils docker.io docker-compose ethtool fail2ban figlet genisoimage git grc haveged html2text htop iptables iw jq kbd libcrack2 libltdl7 libpam-google-authenticator man mosh multitail net-tools neovim npm ntp openssh-server openssl pass pigz prips software-properties-common sshpass syslinux psmisc pv python3-pip toilet unattended-upgrades unzip wget wireless-tools wpasupplicant"
myINFO="\
###########################################
### T-Pot Installer for Debian (Stable) ###
@@ -822,7 +822,6 @@ mkdir -vp /data/adbhoney/{downloads,log} \
/data/hellpot/log \
/data/heralding/log \
/data/honeypots/log \
- /data/honeypy/log \
/data/honeysap/log \
/data/ipphoney/log \
/data/log4pot/{log,payloads} \
diff --git a/update.sh b/update.sh
index f295130d..89248e17 100755
--- a/update.sh
+++ b/update.sh
@@ -184,7 +184,7 @@ function fuUPDATER () {
export DEBIAN_FRONTEND=noninteractive
echo "### Installing apt-fast"
/bin/bash -c "$(curl -sL https://raw.githubusercontent.com/ilikenwf/apt-fast/master/quick-install.sh)"
-local myPACKAGES="aria2 apache2-utils apparmor apt-transport-https bash-completion build-essential ca-certificates cgroupfs-mount cockpit console-setup console-setup-linux cracklib-runtime curl debconf-utils dialog dnsutils docker.io docker-compose ethtool fail2ban figlet genisoimage git grc haveged html2text htop iptables iw jq kbd libcrack2 libltdl7 libpam-google-authenticator man mosh multitail net-tools npm ntp openssh-server openssl pass pigz prips software-properties-common sshpass syslinux psmisc pv python3-pip toilet unattended-upgrades unzip vim wget wireless-tools wpasupplicant"
+local myPACKAGES="aria2 apache2-utils apparmor apt-transport-https bash-completion bat build-essential ca-certificates cgroupfs-mount cockpit console-setup console-setup-linux cracklib-runtime curl debconf-utils dialog dnsutils docker.io docker-compose ethtool fail2ban figlet genisoimage git grc haveged html2text htop iptables iw jq kbd libcrack2 libltdl7 libpam-google-authenticator man mosh multitail net-tools neovim npm ntp openssh-server openssl pass pigz prips software-properties-common sshpass syslinux psmisc pv python3-pip toilet unattended-upgrades unzip wget wireless-tools wpasupplicant"
# Remove purge in the future
echo "### Removing repository based install of elasticsearch-curator"
apt-get purge elasticsearch-curator -y
@@ -244,7 +244,6 @@ mkdir -vp /data/adbhoney/{downloads,log} \
/data/hellpot/log \
/data/heralding/log \
/data/honeypots/log \
- /data/honeypy/log \
/data/honeysap/log \
/data/ipphoney/log \
/data/log4pot/{log,payloads} \