mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-07-01 04:22:11 +00:00
very basic installation stuff
parent
6e3f3b8d24
commit
fbfb5a1d90
11 changed files with 45 additions and 39 deletions
11
README.md
11
README.md
|
@ -1,15 +1,14 @@
|
|||
# T-Pot 16.03 Image Creator
|
||||
# T-Pot 16.10 Image Creator (broken, dev in progress)
|
||||
|
||||
This repository contains the necessary files to create the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** ISO image.
|
||||
The image can then be used to install T-Pot on a physical or virtual machine.
|
||||
|
||||
Last year we released
|
||||
[T-Pot 15.03](http://dtag-dev-sec.github.io/mediator/feature/2015/03/17/concept.html)
|
||||
as open source and we received lots of positive feedback and naturally feature requests which encouraged us to continue development and share our work as open source and are proud to present to you ...
|
||||
In March 2016 we released
|
||||
[T-Pot 16.03](http://dtag-dev-sec.github.io/mediator/feature/2016/03/11/t-pot-16.03.html)
|
||||
|
||||
# T-Pot 16.03
|
||||
# T-Pot 16.10
|
||||
|
||||
T-Pot 16.03 is based on
|
||||
T-Pot 16.10 now uses Ubuntu Server 16.04 LTS and is based on
|
||||
|
||||
[docker](https://www.docker.com/)
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
# T-Pot #
|
||||
# ELK DB backup script #
|
||||
# #
|
||||
# v16.03.1 by mo, DTAG, 2016-03-09 #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-12 #
|
||||
########################################################
|
||||
myCOUNT=1
|
||||
myDATE=$(date +%Y%m%d%H%M)
|
||||
|
@ -38,7 +38,7 @@ touch /var/run/check.lock
|
|||
|
||||
# Stop ELK to lift db lock
|
||||
echo "Now stopping ELK ..."
|
||||
service elk stop
|
||||
systemctl stop elk
|
||||
sleep 10
|
||||
|
||||
# Backup DB in 2 flavors
|
||||
|
@ -53,7 +53,7 @@ chmod 760 -R $myELKPATH
|
|||
chown tpot:tpot -R $myELKPATH
|
||||
|
||||
# Start ELK
|
||||
service elk start
|
||||
systemctl start elk
|
||||
echo "Now starting up ELK ..."
|
||||
|
||||
# Allow checks to resume
|
||||
|
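Review bot: The exit status of `systemctl stop elk` in the -38 hunk is not checked, so the backup that follows would run even if the unit fails to stop or does not exist under systemd, and the database may then still be locked. By default `systemctl stop` waits for the stop job to finish, so the fixed `sleep 10` adds little; a guard such as `systemctl stop elk || { echo "Could not stop ELK, aborting backup." >&2; exit 1; }` is more reliable. `/var/run/check.lock` is created just before this hunk, so any early exit also has to remove the lock; that cleanup is outside the visible lines and should be confirmed. The same applies to `systemctl start elk` in the -53 hunk, where the "Now starting up ELK" message is printed regardless of the result.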
|
|
@ -4,7 +4,7 @@
|
|||
# T-Pot #
|
||||
# Check container and services script #
|
||||
# #
|
||||
# v16.03.1 by mo, DTAG, 2016-03-09 #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-12 #
|
||||
########################################################
|
||||
if [ -a /var/run/check.lock ];
|
||||
then
|
||||
|
@ -29,9 +29,9 @@ for i in $myIMAGES
|
|||
if [ $myUPTIME -gt 4 ] && [ $myCIDSTATUS -gt 0 ];
|
||||
then
|
||||
echo "Restarting "$i"."
|
||||
service $i stop
|
||||
systemctl stop $i
|
||||
sleep 5
|
||||
service $i start
|
||||
systemctl start $i
|
||||
fi
|
||||
done
|
||||
|
||||
|
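Review bot: `$i` is unquoted in the new `systemctl stop $i` and `systemctl start $i` lines of the -29 hunk, so a name containing whitespace or glob characters would be split or expanded before systemctl sees it; write `systemctl stop "$i"` and `systemctl start "$i"`. The same unquoted form appears in the restart script (-38 and -64 hunks) and in the script that starts only the configured containers (-33 hunk). The context line `if [ $myUPTIME -gt 4 ] && [ $myCIDSTATUS -gt 0 ];` also produces a test error when either variable is empty, which a default would avoid: `[ "${myUPTIME:-0}" -gt 4 ] && [ "${myCIDSTATUS:-0}" -gt 0 ]`. The `for` loop and the assignments to these variables begin outside the hunk.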
|
|
@ -4,7 +4,7 @@
|
|||
# T-Pot #
|
||||
# Container and services restart script #
|
||||
# #
|
||||
# v16.03.1 by mo, DTAG, 2016-03-09 #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-12 #
|
||||
########################################################
|
||||
myCOUNT=1
|
||||
|
||||
|
@ -38,12 +38,12 @@ if [ $myUPTIME -gt 4 ];
|
|||
then
|
||||
for i in $myIMAGES
|
||||
do
|
||||
service $i stop
|
||||
systemctl stop $i
|
||||
done
|
||||
echo "### Waiting 10 seconds before restarting docker ..."
|
||||
sleep 10
|
||||
iptables -w -F
|
||||
service docker restart
|
||||
systemctl restart docker
|
||||
while true
|
||||
do
|
||||
docker info > /dev/null
|
||||
|
@ -64,7 +64,7 @@ if [ $myUPTIME -gt 4 ];
|
|||
echo "### Starting T-Pot services ..."
|
||||
for i in $myIMAGES
|
||||
do
|
||||
service $i start
|
||||
systemctl start $i
|
||||
done
|
||||
sleep 5
|
||||
else
|
||||
|
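Review bot: The result of `systemctl restart docker` in the -38 hunk is not checked, and the `while true` loop that follows polls `docker info` with no timeout visible in the hunk, so a daemon that fails to come back could leave the script waiting indefinitely while every T-Pot service is stopped. A guard such as `systemctl restart docker || { echo "### docker restart failed" >&2; exit 1; }` makes the failure visible; the loop body continues outside the hunk, so whether it is bounded should be confirmed there. `iptables -w -F` on the context line flushes every chain of the filter table just before the restart; if that is deliberate, a comment stating why the host rules may be dropped at this point would help the next reader.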
|
|
@ -4,7 +4,7 @@
|
|||
# T-Pot #
|
||||
# Container and services status script #
|
||||
# #
|
||||
# v16.03.1 by mo, DTAG, 2016-03-09 #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-12 #
|
||||
########################################################
|
||||
myCOUNT=1
|
||||
|
||||
|
|
|
@ -4,9 +4,11 @@
|
|||
# T-Pot #
|
||||
# Only start the containers found in /etc/init/ #
|
||||
# #
|
||||
# v16.03.2 by mo, DTAG, 2016-04-20 #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-12 #
|
||||
########################################################
|
||||
|
||||
echo "### I still need some dev-work!"
|
||||
|
||||
# Make sure not to interrupt a check
|
||||
while true
|
||||
do
|
||||
|
@ -33,19 +35,21 @@ done
|
|||
touch /var/run/check.lock
|
||||
|
||||
# Stop T-Pot services and delete all T-Pot upstart scripts
|
||||
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
echo "### Stopping T-Pot services and cleaning up."
|
||||
for i in $(cat /data/imgcfg/all_images.conf);
|
||||
do
|
||||
service $i stop
|
||||
systemctl stop $i
|
||||
sleep 2
|
||||
rm -rf /etc/init/$i.conf || true;
|
||||
done
|
||||
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
|
||||
# Restarting docker services
|
||||
echo "### Restarting docker services ..."
|
||||
service docker stop
|
||||
systemctl stop docker
|
||||
sleep 2
|
||||
service docker start
|
||||
systemctl start docker
|
||||
sleep 2
|
||||
|
||||
# Setup only T-Pot upstart scripts from images.conf and pull the images
|
||||
|
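Review bot: `rm -rf /etc/init/$i.conf` in the -33 hunk builds its path from unquoted words read out of `/data/imgcfg/all_images.conf` by `for i in $(cat ...)`, so an entry containing a glob character or a `/` would resolve to something other than the intended upstart file. Only single files are removed here, so `rm -f -- "/etc/init/${i}.conf"` is sufficient, and each entry could be checked against a plain-name pattern before use. The loop now stops services with `systemctl stop $i` but still deletes upstart files under `/etc/init/`, which the added `# !!!!` markers and the "dev-work" banner appear to acknowledge; a `# TODO` comment naming what has to be cleaned up under systemd instead would make that explicit.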
|
|
@ -1,4 +1,4 @@
|
|||
T-Pot 16.03
|
||||
T-Pot 16.10 (development)
|
||||
Hostname: \n
|
||||
IP:
|
||||
|
||||
|
|
|
@ -4,11 +4,10 @@
|
|||
# T-Pot #
|
||||
# Two-Factor-Authentication and SSH enable script #
|
||||
# #
|
||||
# v16.03.2 by mo, DTAG, 2016-03-09 #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-12 #
|
||||
########################################################
|
||||
myBACKTITLE="T-Pot - Two-Factor-Authentication and SSH enable script"
|
||||
|
||||
|
||||
# Let's ask if the user wants to enable two-factor ...
|
||||
dialog --backtitle "$myBACKTITLE" --title "[ Enable 2FA? ]" --yesno "\nDo you want to enable Two-Factor-Authentication based on Google Authenticator for SSH?" 8 70
|
||||
my2FA=$?
|
||||
|
@ -32,13 +31,13 @@ if [ "$my2FA" = "0" ] && ! [ -f /etc/pam.d/sshd.bak ];
|
|||
fi
|
||||
|
||||
# Enable SSH
|
||||
if [ "$mySSH" = "0" ] && [ -f /etc/init/ssh.override ];
|
||||
if [ "$mySSH" = "0" ] && [ "$(systemctl status ssh | grep -o dead)" = "dead" ];
|
||||
then
|
||||
clear
|
||||
sudo rm /etc/init/ssh.override
|
||||
sudo service ssh start
|
||||
sudo systemctl enable ssh
|
||||
sudo systemctl start ssh
|
||||
dialog --backtitle "$myBACKTITLE" --title "[ SSH enabled ]" --msgbox "\nThe SSH service has been enabled and is now reachable via port tcp/64295. Password authentication is disabled by default." 8 70
|
||||
elif ! [ -f /etc/init/ssh.override ]
|
||||
elif [ "$(systemctl status ssh | grep -o dead)" = "" ]
|
||||
then
|
||||
dialog --backtitle "$myBACKTITLE" --title "[ Already enabled ]" --msgbox "\nIt seems that SSH has already been enabled." 8 70
|
||||
fi
|
||||
|
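Review bot: The new condition `[ "$(systemctl status ssh | grep -o dead)" = "dead" ]` in the -32 hunk parses human-readable status output, which is fragile: the output can include recent log lines, `grep -o` prints one line per match so two matches no longer compare equal to `dead`, and a unit in the `failed` state yields an empty result and is reported as "already enabled". `systemctl is-active --quiet ssh` gives the state as an exit code, so the tests can become `if [ "$mySSH" = "0" ] && ! systemctl is-active --quiet ssh;` and `elif systemctl is-active --quiet ssh`. This check is about whether sshd is running, while the post-install script in the same commit uses `systemctl disable ssh`, which concerns boot-time enablement, so `systemctl is-enabled --quiet ssh` may be the closer match for the "already enabled" message. The code that sets `mySSH` lies outside the hunk.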
|
|
@ -1,9 +1,9 @@
|
|||
#!/bin/bash
|
||||
########################################################
|
||||
# T-Pot post install script #
|
||||
# Ubuntu server 14.04.4, x64 #
|
||||
# Ubuntu server 16.04.0, x64 #
|
||||
# #
|
||||
# v16.03.14 by mo, DTAG, 2016-03-08 #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-12 #
|
||||
########################################################
|
||||
|
||||
# Type of install, SENSOR, INDUSTRIAL or FULL?
|
||||
|
@ -20,9 +20,9 @@ myPFXHOSTIDPATH="/root/tpot/keys/8021x.id"
|
|||
fuECHO () {
|
||||
local myRED=1
|
||||
local myWHT=7
|
||||
tput setaf $myRED
|
||||
tput setaf $myRED -T xterm
|
||||
echo $1 "$2"
|
||||
tput setaf $myWHT
|
||||
tput setaf $myWHT -T xterm
|
||||
}
|
||||
|
||||
# Let's make sure there is a warning if running for a second time
|
||||
|
@ -154,7 +154,7 @@ EOF
|
|||
fuECHO "### Adding the docker repository."
|
||||
apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
|
||||
tee /etc/apt/sources.list.d/docker.list <<EOF
|
||||
deb https://apt.dockerproject.org/repo ubuntu-trusty main
|
||||
deb https://apt.dockerproject.org/repo ubuntu-xenial main
|
||||
EOF
|
||||
|
||||
# Let's pull some updates
|
||||
|
@ -165,7 +165,11 @@ apt-get upgrade -y
|
|||
|
||||
# Let's install docker
|
||||
fuECHO "### Installing docker-engine."
|
||||
apt-get install docker-engine=1.10.2-0~trusty -y
|
||||
apt-get install docker-engine=1.11.1-0~xenial -y
|
||||
|
||||
# Let's enable docker at boot and start service
|
||||
systemctl enable docker
|
||||
systemctl start docker
|
||||
|
||||
# Let's add proxy settings to docker defaults
|
||||
if [ -f $myPROXYFILEPATH ];
|
||||
|
@ -197,7 +201,7 @@ sed -i 's#Port 22#Port 64295#' /etc/ssh/sshd_config
|
|||
sed -i 's#\#PasswordAuthentication yes#PasswordAuthentication no#' /etc/ssh/sshd_config
|
||||
|
||||
# Let's disable ssh service
|
||||
echo "manual" >> /etc/init/ssh.override
|
||||
systemctl disable ssh
|
||||
|
||||
# Let's patch docker defaults, so we can run images as service
|
||||
fuECHO "### Patching docker defaults."
|
||||
|
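Review bot: `systemctl disable ssh` in the -197 hunk only removes the boot-time enablement and does not stop a daemon that is already running, so sshd may stay reachable until the next reboot; whether it is running at this point of the install is not visible here. `systemctl disable --now ssh` covers both. The two `sed` edits on the context lines above change `sshd_config` only when the expected lines are present and otherwise do nothing silently, and the base release changes in this commit, so a check after them such as `grep -q '^PasswordAuthentication no' /etc/ssh/sshd_config || fuECHO "### PasswordAuthentication is not disabled."` would catch a mismatch.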
|
|
@ -1,5 +1,5 @@
|
|||
default install
|
||||
label install
|
||||
menu label ^Install T-Pot 16.03
|
||||
menu label ^Install T-Pot 16.10 (development)
|
||||
kernel /install/vmlinuz
|
||||
append file=/cdrom/tpot/tpot.seed initrd=/install/initrd.gz ks=cdrom:/tpot/ks.cfg console-setup/ask_detect=true --
|
||||
|
|
|
@ -4,13 +4,13 @@
|
|||
# T-Pot #
|
||||
# .ISO maker #
|
||||
# #
|
||||
# v16.03.4 by mo, DTAG, 2016-03-08 #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-20 #
|
||||
########################################################
|
||||
|
||||
# Let's define some global vars
|
||||
myBACKTITLE="T-Pot - ISO Maker"
|
||||
myUBUNTULINK="http://releases.ubuntu.com/14.04.4/ubuntu-14.04.4-server-amd64.iso"
|
||||
myUBUNTUISO="ubuntu-14.04.4-server-amd64.iso"
|
||||
myUBUNTULINK="http://releases.ubuntu.com/16.04/ubuntu-16.04-server-amd64.iso"
|
||||
myUBUNTUISO="ubuntu-16.04-server-amd64.iso"
|
||||
myTPOTISO="tpot.iso"
|
||||
myTPOTDIR="tpotiso"
|
||||
myTPOTSEED="preseed/tpot.seed"
|
||||
|
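Review bot: `myUBUNTULINK` in the -4 hunk still points at a plain `http://` URL and no expected checksum is defined next to it, so the base image this tool remasters would be accepted as downloaded unless a check exists further down; the download code is outside the hunk. Consider pinning a digest, for example `myUBUNTUSHA256="<sha256 of ubuntu-16.04-server-amd64.iso>"`, and verifying it with `echo "$myUBUNTUSHA256  $myUBUNTUISO" | sha256sum -c -` before the ISO is unpacked. The value shown is a placeholder and should be taken from the GPG-signed SHA256SUMS file published for the release.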
|