mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-07-02 04:52:11 +00:00
tweaking
This commit is contained in:
Marco Ochse
parent
e211a19c37
commit
e8621fbba1
10 changed files with 62 additions and 41 deletions
|
|
@ -1,8 +1,5 @@
|
||||||
version: '2.3'
|
version: '2.3'
|
||||||
|
|
||||||
networks:
|
|
||||||
honeytrap_local:
|
|
||||||
|
|
||||||
services:
|
services:
|
||||||
|
|
||||||
# Honeytrap service
|
# Honeytrap service
|
||||||
|
|
|
||||||
|
|
@ -8,6 +8,9 @@ services:
|
||||||
container_name: netdata
|
container_name: netdata
|
||||||
restart: always
|
restart: always
|
||||||
network_mode: "host"
|
network_mode: "host"
|
||||||
|
#depends_on:
|
||||||
|
# elasticsearch:
|
||||||
|
# condition: service_healthy
|
||||||
cap_add:
|
cap_add:
|
||||||
- SYS_PTRACE
|
- SYS_PTRACE
|
||||||
security_opt:
|
security_opt:
|
||||||
|
|
|
||||||
|
Before Width: | Height: | Size: 224 KiB After Width: | Height: | Size: 224 KiB |
|
|
@ -1,23 +1,20 @@
|
||||||
# T-Pot (Standard)
|
version: '2.3'
|
||||||
# For docker-compose ...
|
|
||||||
version: '2.2'
|
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
ui-for-docker_local:
|
portainer_local:
|
||||||
|
|
||||||
services:
|
services:
|
||||||
|
|
||||||
# Ui-for-docker service
|
portainer:
|
||||||
ui-for-docker:
|
|
||||||
build: .
|
build: .
|
||||||
container_name: ui-for-docker
|
container_name: portainer
|
||||||
command: -H unix:///var/run/docker.sock --no-auth
|
command: -H unix:///var/run/docker.sock --no-auth
|
||||||
restart: always
|
restart: always
|
||||||
networks:
|
networks:
|
||||||
- ui-for-docker_local
|
- portainer_local
|
||||||
ports:
|
ports:
|
||||||
- "127.0.0.1:64299:9000"
|
- "127.0.0.1:64299:9000"
|
||||||
image: "dtagdevsec/ui-for-docker:1804"
|
image: "dtagdevsec/portainer:1804"
|
||||||
read_only: true
|
read_only: true
|
||||||
volumes:
|
volumes:
|
||||||
- /var/run/docker.sock:/var/run/docker.sock
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
|
Before Width: | Height: | Size: 805 B After Width: | Height: | Size: 805 B |
|
|
@ -1,6 +1,4 @@
|
||||||
# T-Pot (Standard)
|
version: '2.3'
|
||||||
# For docker-compose ...
|
|
||||||
version: '2.2'
|
|
||||||
|
|
||||||
services:
|
services:
|
||||||
|
|
||||||
|
|
|
||||||
BIN
docker/wetty/.docker-compose.yml.swp
Normal file
BIN
docker/wetty/.docker-compose.yml.swp
Normal file
Binary file not shown.
|
|
@ -1,7 +1,6 @@
|
||||||
# T-Pot (Standard)
|
# T-Pot (Standard)
|
||||||
# For docker-compose ...
|
|
||||||
# Do not erase ports sections, these are used by /opt/tpot/bin/rules.sh to setup iptables ACCEPT rules for NFQ (honeytrap / glutton)
|
# Do not erase ports sections, these are used by /opt/tpot/bin/rules.sh to setup iptables ACCEPT rules for NFQ (honeytrap / glutton)
|
||||||
version: '2.2'
|
version: '2.3'
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
cowrie_local:
|
cowrie_local:
|
||||||
|
|
@ -11,7 +10,7 @@ networks:
|
||||||
mailoney_local:
|
mailoney_local:
|
||||||
rdpy_local:
|
rdpy_local:
|
||||||
spiderfoot_local:
|
spiderfoot_local:
|
||||||
ui-for-docker_local:
|
portainer_local:
|
||||||
vnclowpot_local:
|
vnclowpot_local:
|
||||||
|
|
||||||
services:
|
services:
|
||||||
|
|
@ -21,11 +20,14 @@ services:
|
||||||
container_name: ciscoasa
|
container_name: ciscoasa
|
||||||
restart: always
|
restart: always
|
||||||
stop_signal: SIGINT
|
stop_signal: SIGINT
|
||||||
|
tmpfs:
|
||||||
|
- /tmp/ciscoasa:uid=2000,gid=2000
|
||||||
network_mode: "host"
|
network_mode: "host"
|
||||||
ports:
|
ports:
|
||||||
- "5000:5000/udp"
|
- "5000:5000/udp"
|
||||||
- "8443:8443"
|
- "8443:8443"
|
||||||
image: "dtagdevsec/ciscoasa:1804"
|
image: "dtagdevsec/ciscoasa:1804"
|
||||||
|
read_only: true
|
||||||
volumes:
|
volumes:
|
||||||
- /data/ciscoasa/log:/var/log/ciscoasa
|
- /data/ciscoasa/log:/var/log/ciscoasa
|
||||||
|
|
||||||
|
|
@ -33,12 +35,16 @@ services:
|
||||||
cowrie:
|
cowrie:
|
||||||
container_name: cowrie
|
container_name: cowrie
|
||||||
restart: always
|
restart: always
|
||||||
|
tmpfs:
|
||||||
|
- /tmp/cowrie:uid=2000,gid=2000
|
||||||
|
- /tmp/cowrie/data:uid=2000,gid=2000
|
||||||
networks:
|
networks:
|
||||||
- cowrie_local
|
- cowrie_local
|
||||||
ports:
|
ports:
|
||||||
- "22:22"
|
- "22:22"
|
||||||
- "23:23"
|
- "23:23"
|
||||||
image: "dtagdevsec/cowrie:1804"
|
image: "dtagdevsec/cowrie:1804"
|
||||||
|
read_only: true
|
||||||
volumes:
|
volumes:
|
||||||
- /data/cowrie/downloads:/home/cowrie/cowrie/dl
|
- /data/cowrie/downloads:/home/cowrie/cowrie/dl
|
||||||
- /data/cowrie/keys:/home/cowrie/cowrie/etc
|
- /data/cowrie/keys:/home/cowrie/cowrie/etc
|
||||||
|
|
@ -49,6 +55,7 @@ services:
|
||||||
dionaea:
|
dionaea:
|
||||||
container_name: dionaea
|
container_name: dionaea
|
||||||
stdin_open: true
|
stdin_open: true
|
||||||
|
tty: true
|
||||||
restart: always
|
restart: always
|
||||||
network_mode: "host"
|
network_mode: "host"
|
||||||
ports:
|
ports:
|
||||||
|
|
@ -56,7 +63,7 @@ services:
|
||||||
- "21:21"
|
- "21:21"
|
||||||
- "42:42"
|
- "42:42"
|
||||||
- "69:69/udp"
|
- "69:69/udp"
|
||||||
- "8081:8081"
|
- "81:81"
|
||||||
- "135:135"
|
- "135:135"
|
||||||
- "443:443"
|
- "443:443"
|
||||||
- "445:445"
|
- "445:445"
|
||||||
|
|
@ -101,7 +108,8 @@ services:
|
||||||
restart: always
|
restart: always
|
||||||
environment:
|
environment:
|
||||||
- bootstrap.memory_lock=true
|
- bootstrap.memory_lock=true
|
||||||
- "ES_JAVA_OPTS=-Xms1024m -Xmx1024m"
|
- ES_JAVA_OPTS=-Xms1024m -Xmx1024m
|
||||||
|
- ES_TMPDIR=/tmp
|
||||||
cap_add:
|
cap_add:
|
||||||
- IPC_LOCK
|
- IPC_LOCK
|
||||||
ulimits:
|
ulimits:
|
||||||
|
|
@ -173,11 +181,10 @@ services:
|
||||||
# Glastopf service
|
# Glastopf service
|
||||||
glastopf:
|
glastopf:
|
||||||
container_name: glastopf
|
container_name: glastopf
|
||||||
environment:
|
|
||||||
- PYTHON_EGG_CACHE=/tmp/glastopf
|
|
||||||
tmpfs:
|
tmpfs:
|
||||||
- /tmp/glastopf:exec
|
- /tmp/glastopf:uid=2000,gid=2000
|
||||||
restart: always
|
restart: always
|
||||||
|
stop_signal: SIGINT
|
||||||
networks:
|
networks:
|
||||||
- glastopf_local
|
- glastopf_local
|
||||||
ports:
|
ports:
|
||||||
|
|
@ -185,17 +192,20 @@ services:
|
||||||
image: "dtagdevsec/glastopf:1804"
|
image: "dtagdevsec/glastopf:1804"
|
||||||
read_only: true
|
read_only: true
|
||||||
volumes:
|
volumes:
|
||||||
- /data/glastopf/db:/opt/glastopf/db
|
- /data/glastopf/db:/tmp/glastopf/db
|
||||||
- /data/glastopf/log:/opt/glastopf/log
|
- /data/glastopf/log:/tmp/glastopf/log
|
||||||
|
|
||||||
# Honeytrap service
|
# Honeytrap service
|
||||||
honeytrap:
|
honeytrap:
|
||||||
container_name: honeytrap
|
container_name: honeytrap
|
||||||
restart: always
|
restart: always
|
||||||
|
tmpfs:
|
||||||
|
- /tmp/honeytrap:uid=2000,gid=2000
|
||||||
network_mode: "host"
|
network_mode: "host"
|
||||||
cap_add:
|
cap_add:
|
||||||
- NET_ADMIN
|
- NET_ADMIN
|
||||||
image: "dtagdevsec/honeytrap:1804"
|
image: "dtagdevsec/honeytrap:1804"
|
||||||
|
read_only: true
|
||||||
volumes:
|
volumes:
|
||||||
- /data/honeytrap/attacks:/opt/honeytrap/var/attacks
|
- /data/honeytrap/attacks:/opt/honeytrap/var/attacks
|
||||||
- /data/honeytrap/downloads:/opt/honeytrap/var/downloads
|
- /data/honeytrap/downloads:/opt/honeytrap/var/downloads
|
||||||
|
|
@ -205,11 +215,17 @@ services:
|
||||||
mailoney:
|
mailoney:
|
||||||
container_name: mailoney
|
container_name: mailoney
|
||||||
restart: always
|
restart: always
|
||||||
|
environment:
|
||||||
|
- HPFEEDS_SERVER=
|
||||||
|
- HPFEEDS_IDENT=user
|
||||||
|
- HPFEEDS_SECRET=pass
|
||||||
|
- HPFEEDS_PORT=20000
|
||||||
|
- HPFEEDS_CHANNELPREFIX=prefix
|
||||||
stop_signal: SIGINT
|
stop_signal: SIGINT
|
||||||
networks:
|
networks:
|
||||||
- mailoney_local
|
- mailoney_local
|
||||||
ports:
|
ports:
|
||||||
- "25:2525"
|
- "25:25"
|
||||||
image: "dtagdevsec/mailoney:1804"
|
image: "dtagdevsec/mailoney:1804"
|
||||||
read_only: true
|
read_only: true
|
||||||
volumes:
|
volumes:
|
||||||
|
|
@ -233,7 +249,7 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
- /proc:/host/proc:ro
|
- /proc:/host/proc:ro
|
||||||
- /sys:/host/sys:ro
|
- /sys:/host/sys:ro
|
||||||
- /var/run/docker.sock:/var/run/docker.sock
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||||
|
|
||||||
# nginx service
|
# nginx service
|
||||||
nginx:
|
nginx:
|
||||||
|
|
@ -256,10 +272,32 @@ services:
|
||||||
- /data/nginx/conf/nginxpasswd:/etc/nginx/nginxpasswd:ro
|
- /data/nginx/conf/nginxpasswd:/etc/nginx/nginxpasswd:ro
|
||||||
- /data/nginx/log/:/var/log/nginx/
|
- /data/nginx/log/:/var/log/nginx/
|
||||||
|
|
||||||
|
# Portainer service
|
||||||
|
portainer:
|
||||||
|
container_name: portainer
|
||||||
|
command: -H unix:///var/run/docker.sock --no-auth
|
||||||
|
restart: always
|
||||||
|
networks:
|
||||||
|
- portainer_local
|
||||||
|
ports:
|
||||||
|
- "127.0.0.1:64299:9000"
|
||||||
|
image: "dtagdevsec/portainer:1804"
|
||||||
|
read_only: true
|
||||||
|
volumes:
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
|
|
||||||
# Rdpy service
|
# Rdpy service
|
||||||
rdpy:
|
rdpy:
|
||||||
container_name: rdpy
|
container_name: rdpy
|
||||||
|
extra_hosts:
|
||||||
|
- hpfeeds.example.com:127.0.0.1
|
||||||
restart: always
|
restart: always
|
||||||
|
environment:
|
||||||
|
- HPFEEDS_SERVER=hpfeeds.example.com
|
||||||
|
- HPFEEDS_IDENT=user
|
||||||
|
- HPFEEDS_SECRET=pass
|
||||||
|
- HPFEEDS_PORT=65000
|
||||||
|
- SERVERID=id
|
||||||
networks:
|
networks:
|
||||||
- rdpy_local
|
- rdpy_local
|
||||||
ports:
|
ports:
|
||||||
|
|
@ -281,20 +319,6 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
- /data/spiderfoot/spiderfoot.db:/home/spiderfoot/spiderfoot.db
|
- /data/spiderfoot/spiderfoot.db:/home/spiderfoot/spiderfoot.db
|
||||||
|
|
||||||
# Ui-for-docker service
|
|
||||||
ui-for-docker:
|
|
||||||
container_name: ui-for-docker
|
|
||||||
command: -H unix:///var/run/docker.sock --no-auth
|
|
||||||
restart: always
|
|
||||||
networks:
|
|
||||||
- ui-for-docker_local
|
|
||||||
ports:
|
|
||||||
- "127.0.0.1:64299:9000"
|
|
||||||
image: "dtagdevsec/ui-for-docker:1804"
|
|
||||||
read_only: true
|
|
||||||
volumes:
|
|
||||||
- /var/run/docker.sock:/var/run/docker.sock
|
|
||||||
|
|
||||||
# Suricata service
|
# Suricata service
|
||||||
suricata:
|
suricata:
|
||||||
container_name: suricata
|
container_name: suricata
|
||||||
|
|
@ -343,5 +367,7 @@ services:
|
||||||
network_mode: "host"
|
network_mode: "host"
|
||||||
env_file:
|
env_file:
|
||||||
- /opt/tpot/etc/compose/wetty_environment
|
- /opt/tpot/etc/compose/wetty_environment
|
||||||
|
tmpfs:
|
||||||
|
- /home/wetty/.ssh/:uid=2000,gid=2000
|
||||||
image: "dtagdevsec/wetty:1804"
|
image: "dtagdevsec/wetty:1804"
|
||||||
read_only: true
|
read_only: true
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue