Commit graph

275 commits

Author SHA1 Message Date
t3chn0m4g3
8aea1914bb add grace period after docker restart 2016-10-23 15:34:11 +02:00
t3chn0m4g3
1316834c9b include dashboard for rc 2016-10-23 12:59:06 +00:00
t3chn0m4g3
40c2b2c386 fix bugs, prepare for rc 2016-10-23 14:54:57 +02:00
t3chn0m4g3
93b00cb47a tweaking 2016-10-23 13:38:44 +02:00
t3chn0m4g3
c8f2739d11 bring dashboards back, tweaking and prepare for beta 2016-10-23 10:34:08 +00:00
t3chn0m4g3
8051e32f95 set kibana as homepage 2016-10-18 08:28:12 +00:00
Marco Ochse
b677a190da update ports 2016-10-17 10:37:40 +02:00
t3chn0m4g3
09da808e6e rename time field 2016-10-12 07:33:44 +00:00
t3chn0m4g3
f4427442e0 rename remote_addr field to src_ip 2016-10-11 12:42:18 +00:00
t3chn0m4g3
52d542a646 enable nginx JSON logging 2016-10-11 12:30:30 +00:00
t3chn0m4g3
e2d86dc0a7 modify systemd configs for dionaea and honeytrap 2016-09-24 16:54:49 +00:00
t3chn0m4g3
c445d82f6e tweaking 2016-09-10 21:10:31 +00:00
t3chn0m4g3
0aa7865e42 tweaking 2016-08-29 23:24:25 +00:00
t3chn0m4g3
0f2f5ff1db add dashboard notification 2016-08-29 19:21:35 +00:00
t3chn0m4g3
154ea080f6 fix bug suricata systemd
ethtool is unable to change interface settings
2016-08-29 19:10:39 +00:00
t3chn0m4g3
173e2c040b cowrie just learned telnet, adjusting systemd configs 2016-08-28 14:09:08 +00:00
t3chn0m4g3
7fe0f23b83 tweaking 2016-08-26 11:54:22 +00:00
Marco Ochse
f5a5478732 account for new es cluster name 2016-08-26 13:28:41 +02:00
t3chn0m4g3
fd14e731d2 account for hostname gen fail 2016-08-22 15:24:48 +00:00
t3chn0m4g3
bd29236c47 tweaking dps.sh 2016-08-15 05:46:57 +00:00
Marco Ochse
a90f7cdf23 add user and root prompt, cleanup 2016-08-12 22:21:02 +02:00
t3chn0m4g3
79790c51a9 suricata, find interface in absence of default gateway 2016-08-09 23:26:03 +00:00
Marco Ochse
b6707b70ba find interface in absence of default gateway 2016-08-10 00:51:34 +02:00
t3chn0m4g3
f72af08666 change button titles 2016-08-09 21:10:32 +00:00
t3chn0m4g3
ca81647e28 add navbar background with magenta 2016-08-09 03:33:14 +00:00
t3chn0m4g3
8456878a5b tweak /ui/ location 2016-08-09 03:26:08 +00:00
Marco Ochse
f651bf32a0 change spacings, margins 2016-08-08 17:03:23 +02:00
t3chn0m4g3
fcbd650ba2 cleanup 2016-08-08 13:54:25 +00:00
t3chn0m4g3
8372e715b6 change landing page topnav with frame 2016-08-08 13:52:24 +00:00
Marco Ochse
f038173920 Web based access
It is now possible to access T-Pot web-based and without an SSH tunnel
2016-08-08 02:21:02 +02:00
Marco Ochse
2619e943a1 tweaking, fixing 2016-08-07 19:13:07 +02:00
Marco Ochse
d16698877b tweaking, bugfixing 2016-08-07 19:08:13 +02:00
t3chn0m4g3
bbb708b988 tweaking, bugfixes 2016-08-06 22:06:31 +00:00
t3chn0m4g3
62b349eab3 modify installer for new config 2016-08-01 13:25:58 +00:00
t3chn0m4g3
12842527bb some basic config stuff 2016-07-30 00:32:03 +00:00
Marco Ochse
caf35b485f tweaking 2016-07-29 20:38:33 +02:00
Marco Ochse
67b8031453 old indices were not deleted
escaping timestring format fixes it
2016-07-21 17:42:53 +02:00
Marco Ochse
cef8e5fded old indices were not deleted
escaping timestring format fixes it
2016-07-21 17:39:40 +02:00
Marco Ochse
0df2d3bbf6 allow tunneled connections for head plugin 2016-07-19 18:39:20 +02:00
Marco Ochse
869320652c Reduce Installer Size to <50MB
T-Pot ISO Creator will now create images based on the Ubuntu Network Installer (mini.iso). This results in a greatly reduced size for the T-Pot Installer with now being just about 49MB. T-Pot was only using the base install packages of the 700MB Ubuntu Server ISO and still had to download the latest packages anyway. The advantages are a) reduced download size for the Ubuntu Network Installer instead of the full image, b) the latest packages are already installed during the base installation and c) the resulting T-Pot ISO can be distributed more easily.
2016-07-09 01:23:12 +02:00
Marco Ochse
4fce521579 include alerta-cli 2016-06-19 00:20:02 +02:00
Marco Ochse
574ff3f9a7 add cgroup option at boot 2016-06-17 16:05:11 +02:00
Marco Ochse
f3f20f1d39 typo 2016-06-02 18:54:09 +02:00
Marco Ochse
c955d641c3 tweaking 2016-06-02 18:50:43 +02:00
Marco Ochse
00dd446f7d Move install upgrades towards end of the installer since the update of some kernel modules prevents the docker daemon from starting if not rebooted first. 2016-06-01 22:10:31 +02:00
Marco Ochse
bf7478442e update dionaea path layout 2016-06-01 17:46:06 +02:00
Marco Ochse
862bb550b0 update dionaea log path 2016-06-01 16:08:23 +02:00
Marco Ochse
ae2224a2ce remove upstart path / add systemd path 2016-05-30 22:38:28 +02:00
t3chn0m4g3
acf1c804ee point to 16.10 images on dockerhub 2016-05-30 14:51:32 +00:00
Marco Ochse
dac91cc208 systemd - follow up services 2016-05-29 14:48:17 +02:00
Marco Ochse
faff7a17bf systemd - a service awakens 2016-05-29 00:03:46 +02:00
Marco Ochse
fbfb5a1d90 very basic installation stuff 2016-05-12 19:26:06 +02:00
Marco Ochse
6e3f3b8d24 restart docker service to avoid race ...
... if images have been deleted.
2016-04-20 18:44:22 +02:00
Marco Ochse
61cb968deb include updated kibana objects 2016-03-15 14:39:04 +01:00
t3chn0m4g3
3d67132c91 correct typo 2016-03-13 03:24:52 +01:00
t3chn0m4g3
8706a4343a host auth.log, syslog => ELK
change local timezone to UTC, incl. new .kibana index, update upstart for elk
2016-03-13 02:05:40 +01:00
t3chn0m4g3
f64c84930a need to delete all log files 2016-03-11 16:44:54 +01:00
t3chn0m4g3
0769d1fb24 update 2016-03-10 18:44:59 +01:00
t3chn0m4g3
d0cd1fe11f fix race 2016-03-10 18:40:28 +01:00
t3chn0m4g3
d5a299c34c update 2016-03-10 17:34:42 +01:00
t3chn0m4g3
e23eab4897 elk log files need housekeeping 2016-03-10 15:36:16 +01:00
t3chn0m4g3
c7516ae1f8 keep elkbase.tgz
In some rare occasions the .kibana index might be corrupted (IOException) resulting in missing translogs and thus preventing .kibana index from getting indexed (happens during a power failure). A quick fix is to delete the contents in "/data/elk/data/elasticsearch/nodes/0/indices/.kibana/*", extract elkbase.tgz to a temp folder (tar xvfz elkbase.tgz /tmp/) and copy "cp -R /tmp/data/elk/data/elasticsearch/nodes/0/indices/.kibana/* /data/elk/data/elasticsearch/nodes/0/indices/.kibana/".
Make sure to stop service checks ("/etc/crontab") and stop elk (service elk stop) before doing this.
2016-03-09 22:10:44 +01:00
t3chn0m4g3
f9e67c897c clean up, update readme 2016-03-09 14:05:06 +01:00
Marco Ochse
6f18240ade only apt-get upgrade during install 2016-03-08 18:37:37 +01:00
t3chn0m4g3
4c83de3995 rewrite 2fa_enable, delete ssh_enable 2016-03-07 15:48:44 +01:00
t3chn0m4g3
71b838c6e2 rewrite 2fa_enable, delete ssh_enable 2016-03-07 15:48:07 +01:00
t3chn0m4g3
211894753f tweaking 2016-03-07 13:13:52 +01:00
t3chn0m4g3
392fb9c344 T-Pot is now in beta 2 - stage 2016-03-06 17:51:54 +01:00
t3chn0m4g3
4ef5252c85 update version info 2016-03-06 17:38:33 +01:00
t3chn0m4g3
c7341998bc install docker-engine 1.10.2 2016-03-06 17:21:49 +01:00
t3chn0m4g3
2d5c498860 tweaking, persistence 2016-03-04 21:47:14 +01:00
t3chn0m4g3
a7f98902e3 turn persistence off by default 2016-03-03 17:48:04 +01:00
t3chn0m4g3
ed797cf62d update readme, upstart 2016-03-03 17:45:49 +01:00
Marco Ochse
68556e8651 conpot - support persistence 2016-03-02 17:12:58 +01:00
Marco Ochse
1089993579 update housekeeping for elasticsearch, keep indexes for <=90 days 2016-03-02 16:21:17 +01:00
t3chn0m4g3
1902696c75 include new index, dashboards, tweaks 2016-02-22 17:47:24 +01:00
t3chn0m4g3
994aed3e31 include conpot 2016-02-19 17:52:45 +01:00
Marco Ochse
1c5279907e update docker 1.10.1-0~trusty 2016-02-15 18:07:03 +01:00
Marco Ochse
702de8c281 modify installer and image selection 2016-02-13 00:21:44 +01:00
Marco Ochse
2dc676868d scripts, configs, optimizations, dashboard base 2016-02-12 22:47:19 +01:00
Marco Ochse
792142a6f1 update for elasticpotpy 2016-02-11 18:52:45 +01:00
t3chn0m4g3
4797fb155c update emobility/ews logging 2016-02-11 15:52:19 +01:00
t3chn0m4g3
6615046d02 update docker installation method 2016-02-11 14:59:22 +01:00
t3chn0m4g3
6cc229c610 update docker installation method 2016-02-11 14:57:10 +01:00
Marco Ochse
e55286a5b6 update emobility log path 2016-02-11 13:16:20 +01:00
t3chn0m4g3
97890321e4 no automatic upgrade of docker-engine major releases 2016-02-09 11:54:55 +01:00
Marco Ochse
f4d10179fc elk upstart tweaking 2016-02-08 23:23:42 +01:00
Marco Ochse
0f1b6fc765 honeytrap upstart tweaking, include latest dashboard 2016-02-08 23:07:10 +01:00
Marco Ochse
c1de2a725c pull images and replace upstart scripts 2016-02-08 16:50:28 +01:00
Marco Ochse
8c94d6d9a5 tweaking 2016-02-08 15:57:27 +01:00
Marco Ochse
0acc5a4a21 update honeytrap.conf for tcp/8080 passthru 2016-02-08 15:20:33 +01:00
Marco Ochse
cbccc7c83f include emobility 2016-02-08 15:03:56 +01:00
Marco Ochse
8165e8f91f prevent race condition for ewsposter/ews.ip at first start 2016-02-08 13:37:02 +01:00
Marco Ochse
ebb58955c4 prepare for emobility 2016-02-08 12:21:03 +01:00
Marco Ochse
63ba812446 clear logs 2016-02-06 04:13:32 +01:00
Marco Ochse
87a472be74 modify folder layout for elasticpot 2016-02-04 10:23:31 +01:00
t3chn0m4g3
86c57328fc enable color prompt 2016-02-03 15:10:19 +01:00
Marco Ochse
187cd77b26 disable ssh roaming 2016-01-29 17:56:26 +01:00
Marco Ochse
403e57c6d4 upstart changes dionaea, honeytrap 2016-01-27 10:46:01 +01:00
Marco Ochse
3f51fe8d67 update elasticpot upstart script 2016-01-15 23:18:32 +01:00
Marco Ochse
d4aa333e6f some changes for elasticpot 2016-01-15 23:11:49 +01:00
Marco Ochse
f3b2949eae minor changes 2016-01-14 18:01:25 +01:00
marco
ba4162adfb some bug fixes 2016-01-14 09:46:02 +01:00
Marco
ea41054eab update ews.cfg 2016-01-11 09:56:14 +01:00
Marco Ochse
74cfe25346 update /data folder layout 2015-12-15 14:55:47 +01:00
Marco Ochse
3ba8567671 honeytrap will log to host /data/honeytrap 2015-12-15 14:53:02 +01:00
Marco Ochse
c4903fef66 dionaea will log to host /data/dionaea 2015-12-14 18:08:59 +01:00
Marco Ochse
8ebdadb5f2 update /data folder layout 2015-12-14 17:42:35 +01:00
Marco Ochse
e2b5e94f78 cowrie will log to host /data/cowrie 2015-12-14 17:36:37 +01:00
Marco Ochse
edb0a4f9d4 cowrie will log to host /data/cowrie 2015-12-14 17:35:54 +01:00
Marco Ochse
56c5580f41 update /data folder layout 2015-12-14 14:53:20 +01:00
Marco Ochse
7c041411a8 update /data folder layout 2015-12-14 14:32:30 +01:00
Marco Ochse
91b5ddce8d glastopf will log to host /data/glastopf 2015-12-14 14:28:05 +01:00
Marco Ochse
a5130cbc91 set alpha order 2015-12-11 20:58:50 +01:00
Marco Ochse
913fa2c145 set alpha order 2015-12-11 20:58:06 +01:00
Marco Ochse
2fa90abb86 set alpha order 2015-12-11 20:57:35 +01:00
Marco Ochse
9a20f95d93 Include ewsposter 2015-12-11 20:08:12 +01:00
Marco Ochse
bcba6b7390 log json output to host 2015-12-11 16:26:41 +01:00
Marco Ochse
6ec9f80343 add log folder for /data/suricata 2015-12-11 14:40:41 +01:00
Marco Ochse
7bd993bf93 add mkdir for suricata 2015-12-11 14:18:16 +01:00
Marco Ochse
d21bec3d05 Include ewsposter 2015-12-11 13:29:12 +01:00
Marco Ochse
7b635e9fe9 Include ewsposter 2015-12-11 12:18:40 +01:00
Marco Ochse
a9b38fcbdb update versioning 2015-12-11 12:18:12 +01:00
Marco Ochse
86c18b1118 Include ewsposter 2015-12-09 17:28:28 +01:00
Marco Ochse
e911c750af create ewsposter json folders in /data/ews/<honeypotname>
create ewsposter json folders in /data/ews/<honeypotname>
2015-12-09 17:25:02 +01:00
marco
f06935fe63 prepare for T-Pot 16.03 2015-12-08 15:47:39 +01:00
Marco Ochse
0701b5f2f4 fix race condition
after reboot volumes are not properly shared, although all services are started properly.
2015-11-02 12:13:46 +01:00
Marco Ochse
d2587dc3ad fix race condition
after reboot volumes are not properly shared, although all services are started properly.
2015-11-02 12:11:44 +01:00
Marco Ochse
58b76780e2 fix race condition
after reboot volumes are not properly shared, although all services are started properly.
2015-11-02 12:10:15 +01:00
Marco Ochse
1e5ef4bce8 fix race condition
after reboot volumes are not properly shared, although all services are started properly.
2015-11-02 12:09:02 +01:00
Marco Ochse
a92fd55e23 fix race condition
after reboot volumes are not properly shared, although all services are started properly.
2015-11-02 12:08:00 +01:00
Marco Ochse
3834df3367 fix race condition
after reboot volumes are not properly shared, although all services are started properly.
2015-11-02 12:06:44 +01:00
Marco Ochse
d65fbc1cd6 fix race condition
after reboot volumes are not properly shared, although all services are started properly.
2015-11-02 12:04:59 +01:00
t3chn0m4g3
3f810c2c73 use new docker repo, update fix script 2015-08-14 16:39:02 +02:00
t3chn0m4g3
f9241615d2 use ubuntu server 14.04.3 2015-08-11 17:23:21 +02:00
t3chn0m4g3
94b1dda16f fix volume bug & script 2015-08-07 23:45:50 +02:00
t3chn0m4g3
2c1d7ceae7 fix volume bug 2015-08-07 22:32:15 +02:00
Marco Ochse
0a0e9c67ce Adjust sleep timers
should be working fine now with 2*30 seconds
2015-07-14 10:08:23 +02:00
Marco Ochse
ced36070d2 remove sleep modification
some problems occurred with modified sleeps
2015-07-14 09:01:44 +02:00
Marco Ochse
d936288771 minor tweaks
use docker 1.7.0, wait for network no longer than 20s, reboot on kernel panic/oops
2015-07-08 10:50:25 +02:00
Marco Ochse
bf28629325 use docker 1.6.2
updated all images on docker hub, now the installation of images is going faster with 1.6.2
2015-06-12 11:59:06 +02:00
Marco Ochse
b01b80ee1c remove stdin option from docker exec 2015-06-12 11:43:20 +02:00
Marco Ochse
191678f3ab remove stdin option from docker exec 2015-06-12 11:35:59 +02:00
Marco Ochse
537f0c39e6 take care of check.lock
on some installations the check.lock file will not be removed. once a day it will be removed now.
2015-05-18 11:19:12 +02:00
t3chn0m4g3
d974907109 Escaping special characters ($) 2015-03-09 16:03:27 +01:00
t3chn0m4g3
1ec9f81f3c correct ews.ip owner after ip update 2015-03-03 15:59:20 +01:00
t3chn0m4g3
89df9c78e5 Clean up elastic indices >30d 2015-02-21 00:50:15 +01:00
t3chn0m4g3
2f52bf81cd Update elk.conf
Change forwarded port to 8080, so the local tunnel port can be a high port and by that is forced to 8080 also
2015-02-20 21:53:59 +01:00
t3chn0m4g3
19ff7a994c Daily check for latest images from dockerhub 2015-02-19 16:58:43 +01:00
t3chn0m4g3
b5313b1100 Clean up untagged images
If newer image versions are downloaded, the old ones will be untagged and thus will be deleted using
$ docker rmi $(docker images | grep "^<none>" | awk '{print $3}')
2015-02-19 16:37:45 +01:00