t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								36774d0b71 
								
							 
						 
						
							
							
								
								update tags / version to 2204, tweaking README  
							
							
							
						 
						
							2022-04-08 13:45:53 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								22904d402a 
								
							 
						 
						
							
							
								
								drop root privileges for suricata  
							
							
							
						 
						
							2022-03-08 17:29:03 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								ef31fc155b 
								
							 
						 
						
							
							
								
								re-add FROMURL example for Suricata in compose files  
							
							
							
						 
						
							2022-01-20 18:34:51 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								22acb6fa84 
								
							 
						 
						
							
							
								
								bump to Alpine 3.15  
							
							
							
						 
						
							2022-01-19 00:46:04 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								0e5986d2df 
								
							 
						 
						
							
							
								
								Tweaking  
							
							
							
							
							Remove Elasticsearch-Curator in packages, configs and references (BREAKING CHANGE)
Add Index Lifecycle Management in favor of elasticsearch-curator
Point all images to 2203 tags 
							
						 
						
							2022-01-14 15:52:08 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								68b080a3a8 
								
							 
						 
						
							
							
								
								Work in progress!  
							
							
							
							
							This is the foundation for the distributed T-Pot feature,
highly work in progress, only works with local docker image builds,
will be available for prod for upcoming T-Pot 22xx. 
							
						 
						
							2022-01-03 18:24:17 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								261b380db7 
								
							 
						 
						
							
							
								
								cleaup fatt, bump suricata to 6.0.3  
							
							
							
						 
						
							2021-09-30 19:39:59 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									trixam 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								60e57bce52 
								
							 
						 
						
							
							
								
								Update update.sh  
							
							
							
							
							Adding quotation marks for $URL 
							
						 
						
							2021-05-03 14:40:08 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									trixam 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								dceaa984c9 
								
							 
						 
						
							
							
								
								Update update.sh  
							
							
							
							
							Download rules via URL 
							
						 
						
							2021-04-21 12:44:36 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Andrea De Pasquale 
								
							 
						 
						
							
							
							
							
								
							
							
								b3b983afe6 
								
							 
						 
						
							
							
								
								Change method to get default Suricata interface  
							
							
							
							
							On some systems, interface number 2 is not always the correct one.
With AWK we now collect the first active interface having both an
address and a broadcast. 
							
						 
						
							2021-01-06 11:14:24 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Andrea De Pasquale 
								
							 
						 
						
							
							
							
							
								
							
							
								87a27e4f2b 
								
							 
						 
						
							
							
								
								Suricata: use suricata-update for rule management  
							
							
							
							
							As a bonus we can now run "suricata-update" using docker-exec,
triggering both a rule update and a Suricata rule reload. 
							
						 
						
							2020-11-30 17:56:14 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marco Ochse 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								2ecef8c607 
								
							 
						 
						
							
							
								
								enable MQTT  
							
							
							
							
							as eagle eyed by @adepasquale 
							
						 
						
							2020-11-27 19:07:12 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Andrea De Pasquale 
								
							 
						 
						
							
							
							
							
								
							
							
								73a5847753 
								
							 
						 
						
							
							
								
								Suricata: update suricata.yaml config to 6.0.x  
							
							
							
							
							Merge in the latest updates from suricata-6.0.x while at the same time
keeping the custom T-Pot configuration.
https://github.com/OISF/suricata/blob/suricata-6.0.0/suricata.yaml.in  
							
						 
						
							2020-11-26 19:16:01 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Andrea De Pasquale 
								
							 
						 
						
							
							
							
							
								
							
							
								0010f99662 
								
							 
						 
						
							
							
								
								Suricata: disable eve.stats since it's unused  
							
							
							
							
							Prevent the error below by disabling stats globally and in eve-log:
<Error> - [ERRCODE: SC_ERR_STATS_LOG_GENERIC(278)] - eve.stats: stats are disabled globally: set stats.enabled to true. 
							
						 
						
							2020-11-25 17:07:49 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Andrea De Pasquale 
								
							 
						 
						
							
							
							
							
								
							
							
								e2f76c44cb 
								
							 
						 
						
							
							
								
								Suricata: update suricata.yaml config to 5.x  
							
							
							
							
							Merge in the latest updates from suricata-5.x while at the same time
keeping the custom T-Pot configuration.
https://github.com/OISF/suricata/blob/master-5.0.x/suricata.yaml.in  
							
						 
						
							2020-11-25 15:51:41 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								e26853c7fa 
								
							 
						 
						
							
							
								
								bump suricata to 5.0.4  
							
							
							
						 
						
							2020-10-28 17:53:23 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Brian Lechthaler 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								b1d8e293de 
								
							 
						 
						
							
							
								
								add DockerHub back in cap filter  
							
							
							
							
							see https://github.com/telekom-security/tpotce/pull/691#issuecomment-688648225  
							
						 
						
							2020-09-08 10:45:58 -07:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Brian Lechthaler 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								7fdf9edb60 
								
							 
						 
						
							
							
								
								Update Suricata Capture Filter for New Docker Repo  
							
							
							
						 
						
							2020-09-07 19:57:15 -07:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									listbot 
								
							 
						 
						
							
							
							
							
								
							
							
								47dca8b835 
								
							 
						 
						
							
							
								
								continue pin / prep images ghcr  
							
							
							
						 
						
							2020-09-04 12:37:28 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								0031980416 
								
							 
						 
						
							
							
								
								cleanup and prepare for docker image rebuilds  
							
							
							
						 
						
							2020-06-26 14:34:05 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								680194adf7 
								
							 
						 
						
							
							
								
								prep for new listbot FQDN  
							
							
							
						 
						
							2020-05-12 09:19:09 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marco Ochse 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								cbefe6a074 
								
							 
						 
						
							
							
								
								Update capture-filter.bpf  
							
							
							
						 
						
							2020-04-22 17:49:59 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								53e9470d58 
								
							 
						 
						
							
							
								
								cleanup  
							
							
							
						 
						
							2020-02-27 10:35:50 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								f11ad6b523 
								
							 
						 
						
							
							
								
								tweaking  
							
							
							
							
							ELK 7.6.0 is not ready for production; however, it works if APM is enabled (disabled in config, so the image won't build, as a precaution)
Remove SISSDEN from ewsposter, suricata
Bump suricata to 5.0.1
Alpine now supports suricata incl. enabled JA3 support, move back to Alpine install 
							
						 
						
							2020-02-14 15:28:06 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								78135df9e7 
								
							 
						 
						
							
							
								
								Bump Suricata to 5.0.0  
							
							
							
						 
						
							2019-10-22 15:20:23 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								28f5491977 
								
							 
						 
						
							
							
								
								bump suricata to 4.1.4  
							
							
							
						 
						
							2019-06-07 13:00:20 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								20711cb633 
								
							 
						 
						
							
							
								
								clean up  
							
							
							
						 
						
							2019-03-26 16:30:14 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								c7e9015a5a 
								
							 
						 
						
							
							
								
								Bump Suricata to 4.1.3  
							
							
							
							
							Build with Rust
Enable JA3
Enable more protocols
Improve payload logging
... and more. 
							
						 
						
							2019-03-26 16:26:47 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								e8d8773863 
								
							 
						 
						
							
							
								
								tweaking  
							
							
							
						 
						
							2019-03-19 11:08:23 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								869f05ca8b 
								
							 
						 
						
							
							
								
								cleanup  
							
							
							
						 
						
							2019-03-01 21:08:36 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									listbot 
								
							 
						 
						
							
							
							
							
								
							
							
								6467a03d19 
								
							 
						 
						
							
							
								
								fix suricata ref location  
							
							
							
						 
						
							2019-02-28 20:59:20 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									listbot 
								
							 
						 
						
							
							
							
							
								
							
							
								65f242d322 
								
							 
						 
						
							
							
								
								cleanup  
							
							
							
						 
						
							2019-02-28 15:01:12 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								9f905f70de 
								
							 
						 
						
							
							
								
								prepare for new release  
							
							
							
							
							fix for installer, now always pointing to master repo
include adbhoney and dashboard 
							
						 
						
							2018-12-07 17:50:39 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								1c8074bce3 
								
							 
						 
						
							
							
								
								update docs, screenshots  
							
							
							
						 
						
							2018-11-24 01:05:21 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								ece169dd76 
								
							 
						 
						
							
							
								
								update docker-compose files  
							
							
							
						 
						
							2018-11-21 09:26:31 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									t3chn0m4g3 
								
							 
						 
						
							
							
							
							
								
							
							
								0c86bd9a5a 
								
							 
						 
						
							
							
								
								tweaking  
							
							
							
						 
						
							2018-09-11 12:19:26 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marco Ochse 
								
							 
						 
						
							
							
							
							
								
							
							
								42577b6016 
								
							 
						 
						
							
							
								
								Editions  
							
							
							
							
							start work on new editions 
							
						 
						
							2018-06-07 16:39:13 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marco Ochse 
								
							 
						 
						
							
							
							
							
								
							
							
								e8621fbba1 
								
							 
						 
						
							
							
								
								tweaking  
							
							
							
						 
						
							2018-06-04 13:43:59 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marco Ochse 
								
							 
						 
						
							
							
							
							
								
							
							
								38fce345cf 
								
							 
						 
						
							
							
								
								tweaking  
							
							
							
							
							fix condition when no internet connection is available
check internet connection before download of rules and avoid errors
check internet connection before setting up capture filters (with FQDNs, resulted in endless restart of suricata) and unset capture filters if no internet connection is available 
							
						 
						
							2018-05-23 13:02:19 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marco Ochse 
								
							 
						 
						
							
							
							
							
								
							
							
								004af6dec7 
								
							 
						 
						
							
							
								
								tweaking glutton, signals  
							
							
							
						 
						
							2018-04-17 13:54:57 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marco Ochse 
								
							 
						 
						
							
							
							
							
								
							
							
								594361a056 
								
							 
						 
						
							
							
								
								tweaking  
							
							
							
						 
						
							2018-03-30 17:17:17 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marco Ochse 
								
							 
						 
						
							
							
							
							
								
							
							
								df6e4dcd44 
								
							 
						 
						
							
							
								
								update logrotating, cleanup.sh, add Suricata ET Pro support, tweaking  
							
							
							
						 
						
							2018-03-30 16:41:46 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marco Ochse 
								
							 
						 
						
							
							
							
							
								
							
							
								fb37cb6152 
								
							 
						 
						
							
							
								
								Continue cleaning up and update documentation  
							
							
							
						 
						
							2017-10-23 14:56:37 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marco Ochse 
								
							 
						 
						
							
							
							
							
								
							
							
								0d5d80b1e3 
								
							 
						 
						
							
							
								
								include docker repos  
							
							
							
							
							... skip emobility since it is a dev repo 
							
						 
						
							2017-10-13 18:58:14 +00:00