Commit graph

274 commits

Author SHA1 Message Date
Marco Ochse
fbfb5a1d90 very basic installation stuff 2016-05-12 19:26:06 +02:00
Marco Ochse
6e3f3b8d24 restart docker service to avoid race ...
... if images have been deleted.
2016-04-20 18:44:22 +02:00
Marco Ochse
61cb968deb include updated kibana objects 2016-03-15 14:39:04 +01:00
t3chn0m4g3
3d67132c91 correct typo 2016-03-13 03:24:52 +01:00
t3chn0m4g3
8706a4343a host auth.log, syslog => ELK
change local timezone to UTC, incl. new .kibana index, update upstart
for elk
2016-03-13 02:05:40 +01:00
t3chn0m4g3
f64c84930a need to delete all log files 2016-03-11 16:44:54 +01:00
t3chn0m4g3
0769d1fb24 update 2016-03-10 18:44:59 +01:00
t3chn0m4g3
d0cd1fe11f fix race 2016-03-10 18:40:28 +01:00
t3chn0m4g3
d5a299c34c update 2016-03-10 17:34:42 +01:00
t3chn0m4g3
e23eab4897 elk log files need housekeeping 2016-03-10 15:36:16 +01:00
t3chn0m4g3
c7516ae1f8 keep elkbase.tgz
On some rare occasions the .kibana index might be corrupted
(IOException) resulting in missing translogs and thus preventing
.kibana index from getting indexed (happens during a power failure). A
quick fix is to delete the contents in
“/data/elk/data/elasticsearch/nodes/0/indices/.kibana/*”, extract
elkbase.tgz to a temp folder (tar xvfz elkbase.tgz /tmp/) and copy “cp
-R /tmp/data/elk/data/elasticsearch/nodes/0/indices/.kibana/*
/data/elk/data/elasticsearch/nodes/0/indices/.kibana/”.
Make sure to stop service checks (“/etc/crontab”) and stop elk (service
elk stop) before doing this.
2016-03-09 22:10:44 +01:00
t3chn0m4g3
f9e67c897c clean up, update readme 2016-03-09 14:05:06 +01:00
Marco Ochse
6f18240ade only apt-get upgrade during install 2016-03-08 18:37:37 +01:00
t3chn0m4g3
4c83de3995 rewrite 2fa_enable, delete ssh_enable 2016-03-07 15:48:44 +01:00
t3chn0m4g3
71b838c6e2 rewrite 2fa_enable, delete ssh_enable 2016-03-07 15:48:07 +01:00
t3chn0m4g3
211894753f tweaking 2016-03-07 13:13:52 +01:00
t3chn0m4g3
392fb9c344 T-Pot is now in beta 2 - stage 2016-03-06 17:51:54 +01:00
t3chn0m4g3
4ef5252c85 update version info 2016-03-06 17:38:33 +01:00
t3chn0m4g3
c7341998bc install docker-engine 1.10.2 2016-03-06 17:21:49 +01:00
t3chn0m4g3
2d5c498860 tweaking, persistence 2016-03-04 21:47:14 +01:00
t3chn0m4g3
a7f98902e3 turn persistence off by default 2016-03-03 17:48:04 +01:00
t3chn0m4g3
ed797cf62d update readme, upstart 2016-03-03 17:45:49 +01:00
Marco Ochse
68556e8651 conpot - support persistence 2016-03-02 17:12:58 +01:00
Marco Ochse
1089993579 update housekeeping for elasticsearch, keep indexes for <=90 days 2016-03-02 16:21:17 +01:00
t3chn0m4g3
1902696c75 include new index, dashboards, tweaks 2016-02-22 17:47:24 +01:00
t3chn0m4g3
994aed3e31 include conpot 2016-02-19 17:52:45 +01:00
Marco Ochse
1c5279907e update docker 1.10.1-0~trusty 2016-02-15 18:07:03 +01:00
Marco Ochse
702de8c281 modify installer and image selection 2016-02-13 00:21:44 +01:00
Marco Ochse
2dc676868d scripts, configs, optimizations, dashboard base 2016-02-12 22:47:19 +01:00
Marco Ochse
792142a6f1 update for elasticpotpy 2016-02-11 18:52:45 +01:00
t3chn0m4g3
4797fb155c update emobility/ews logging 2016-02-11 15:52:19 +01:00
t3chn0m4g3
6615046d02 update docker installation method 2016-02-11 14:59:22 +01:00
t3chn0m4g3
6cc229c610 update docker installation method 2016-02-11 14:57:10 +01:00
Marco Ochse
e55286a5b6 update emobility log path 2016-02-11 13:16:20 +01:00
t3chn0m4g3
97890321e4 no automatic upgrade of docker-engine major releases 2016-02-09 11:54:55 +01:00
Marco Ochse
f4d10179fc elk upstart tweaking 2016-02-08 23:23:42 +01:00
Marco Ochse
0f1b6fc765 honeytrap upstart tweaking, include latest dashboard 2016-02-08 23:07:10 +01:00
Marco Ochse
c1de2a725c pull images and replace upstart scripts 2016-02-08 16:50:28 +01:00
Marco Ochse
8c94d6d9a5 tweaking 2016-02-08 15:57:27 +01:00
Marco Ochse
0acc5a4a21 update honeytrap.conf for tcp/8080 passthru 2016-02-08 15:20:33 +01:00
Marco Ochse
cbccc7c83f include emobility 2016-02-08 15:03:56 +01:00
Marco Ochse
8165e8f91f prevent race condition for ewsposter/ews.ip at first start 2016-02-08 13:37:02 +01:00
Marco Ochse
ebb58955c4 prepare for emobility 2016-02-08 12:21:03 +01:00
Marco Ochse
63ba812446 clear logs 2016-02-06 04:13:32 +01:00
Marco Ochse
87a472be74 modify folder layout for elasticpot 2016-02-04 10:23:31 +01:00
t3chn0m4g3
86c57328fc enable color prompt 2016-02-03 15:10:19 +01:00
Marco Ochse
187cd77b26 disable ssh roaming 2016-01-29 17:56:26 +01:00
Marco Ochse
403e57c6d4 upstart changes dionaea, honeytrap 2016-01-27 10:46:01 +01:00
Marco Ochse
3f51fe8d67 update elasticpot upstart script 2016-01-15 23:18:32 +01:00
Marco Ochse
d4aa333e6f some changes for elasticpot 2016-01-15 23:11:49 +01:00
Marco Ochse
f3b2949eae minor changes 2016-01-14 18:01:25 +01:00
marco
ba4162adfb some bug fixes 2016-01-14 09:46:02 +01:00
Marco
ea41054eab update ews.cfg 2016-01-11 09:56:14 +01:00
Marco Ochse
74cfe25346 update /data folder layout 2015-12-15 14:55:47 +01:00
Marco Ochse
3ba8567671 honeytrap will log to host /data/honeytrap 2015-12-15 14:53:02 +01:00
Marco Ochse
c4903fef66 dionaea will log to host /data/dionaea 2015-12-14 18:08:59 +01:00
Marco Ochse
8ebdadb5f2 update /data folder layout 2015-12-14 17:42:35 +01:00
Marco Ochse
e2b5e94f78 cowrie will log to host /data/cowrie 2015-12-14 17:36:37 +01:00
Marco Ochse
edb0a4f9d4 cowrie will log to host /data/cowrie 2015-12-14 17:35:54 +01:00
Marco Ochse
56c5580f41 update /data folder layout 2015-12-14 14:53:20 +01:00
Marco Ochse
7c041411a8 update /data folder layout 2015-12-14 14:32:30 +01:00
Marco Ochse
91b5ddce8d glastopf will log to host /data/glastopf 2015-12-14 14:28:05 +01:00
Marco Ochse
a5130cbc91 set alpha order 2015-12-11 20:58:50 +01:00
Marco Ochse
913fa2c145 set alpha order 2015-12-11 20:58:06 +01:00
Marco Ochse
2fa90abb86 set alpha order 2015-12-11 20:57:35 +01:00
Marco Ochse
9a20f95d93 Include ewsposter 2015-12-11 20:08:12 +01:00
Marco Ochse
bcba6b7390 log json output to host 2015-12-11 16:26:41 +01:00
Marco Ochse
6ec9f80343 add log folder for /data/suricata 2015-12-11 14:40:41 +01:00
Marco Ochse
7bd993bf93 add mkdir for suricata 2015-12-11 14:18:16 +01:00
Marco Ochse
d21bec3d05 Include ewsposter 2015-12-11 13:29:12 +01:00
Marco Ochse
7b635e9fe9 Include ewsposter 2015-12-11 12:18:40 +01:00
Marco Ochse
a9b38fcbdb update versioning 2015-12-11 12:18:12 +01:00
Marco Ochse
86c18b1118 Include ewsposter 2015-12-09 17:28:28 +01:00
Marco Ochse
e911c750af create ewsposter json folders in /data/ews/<honeypotname>
create ewsposter json folders in /data/ews/<honeypotname>
2015-12-09 17:25:02 +01:00
marco
f06935fe63 prepare for T-Pot 16.03 2015-12-08 15:47:39 +01:00
Marco Ochse
0701b5f2f4 fix race condition
after reboot volumes are not properly shared, although all services are started properly.
2015-11-02 12:13:46 +01:00
Marco Ochse
d2587dc3ad fix race condition
after reboot volumes are not properly shared, although all services are started properly.
2015-11-02 12:11:44 +01:00
Marco Ochse
58b76780e2 fix race condition
after reboot volumes are not properly shared, although all services are started properly.
2015-11-02 12:10:15 +01:00
Marco Ochse
1e5ef4bce8 fix race condition
after reboot volumes are not properly shared, although all services are started properly.
2015-11-02 12:09:02 +01:00
Marco Ochse
a92fd55e23 fix race condition
after reboot volumes are not properly shared, although all services are started properly.
2015-11-02 12:08:00 +01:00
Marco Ochse
3834df3367 fix race condition
after reboot volumes are not properly shared, although all services are started properly.
2015-11-02 12:06:44 +01:00
Marco Ochse
d65fbc1cd6 fix race condition
after reboot volumes are not properly shared, although all services are started properly.
2015-11-02 12:04:59 +01:00
t3chn0m4g3
3f810c2c73 use new docker repo, update fix script 2015-08-14 16:39:02 +02:00
t3chn0m4g3
f9241615d2 use ubuntu server 14.04.3 2015-08-11 17:23:21 +02:00
t3chn0m4g3
94b1dda16f fix volume bug & script 2015-08-07 23:45:50 +02:00
t3chn0m4g3
2c1d7ceae7 fix volume bug 2015-08-07 22:32:15 +02:00
Marco Ochse
0a0e9c67ce Adjust sleep timers
should be working fine now with 2*30 seconds
2015-07-14 10:08:23 +02:00
Marco Ochse
ced36070d2 remove sleep modification
some problems occurred with modified sleeps
2015-07-14 09:01:44 +02:00
Marco Ochse
d936288771 minor tweaks
use docker 1.7.0, wait for network no longer than 20s, reboot on kernel panic/oops
2015-07-08 10:50:25 +02:00
Marco Ochse
bf28629325 use docker 1.6.2
updated all images on docker hub, now the installation of images is going faster with 1.6.2
2015-06-12 11:59:06 +02:00
Marco Ochse
b01b80ee1c remove stdin option from docker exec 2015-06-12 11:43:20 +02:00
Marco Ochse
191678f3ab remove stdin option from docker exec 2015-06-12 11:35:59 +02:00
Marco Ochse
537f0c39e6 take care of check.lock
on some installations the check.lock file will not be removed. once a day it will be removed now.
2015-05-18 11:19:12 +02:00
t3chn0m4g3
d974907109 Escaping special characters ($) 2015-03-09 16:03:27 +01:00
t3chn0m4g3
1ec9f81f3c correct ews.ip owner after ip update 2015-03-03 15:59:20 +01:00
t3chn0m4g3
89df9c78e5 Clean up elastic indices >30d 2015-02-21 00:50:15 +01:00
t3chn0m4g3
2f52bf81cd Update elk.conf
Change forwarded port to 8080, so the local tunnel port can be a high port and by that is forced to 8080 also
2015-02-20 21:53:59 +01:00
t3chn0m4g3
19ff7a994c Daily check for latest images from dockerhub 2015-02-19 16:58:43 +01:00
t3chn0m4g3
b5313b1100 Clean up untagged images
If newer image versions will be downloaded the old ones will be untagged and thus will be deleted using
$ docker rmi $(docker images | grep "^<none>" | awk '{print $3}')
2015-02-19 16:37:45 +01:00
t3chn0m4g3
bd47901cde Modify owner for enable scripts
Close issue #15
2015-02-17 11:03:27 +01:00
t3chn0m4g3
51905184f1 include ews.cfg and minor tweaks 2015-02-16 19:03:16 +01:00
t3chn0m4g3
c0b8cd59db keyboard detection, unmount active 2015-02-15 00:23:48 +01:00
t3chn0m4g3
b237339178 Install docker 1.5.0 2015-02-11 15:56:14 +01:00
t3chn0m4g3
a42689af22 Delete docker.conf
Close issue #11, docker released fixed docker.conf in docker 1.5.0.
2015-02-11 15:51:32 +01:00
t3chn0m4g3
c36d014e07 Lookup external IP 2015-02-05 14:03:27 +01:00
t3chn0m4g3
fa92b2ea09 erase ip info 2015-02-05 14:02:51 +01:00
t3chn0m4g3
bf97332e65 Execute rc.local after to update /etc/issue and IPs 2015-02-05 14:01:49 +01:00
t3chn0m4g3
3af4e0300a Added curl to dependencies 2015-02-05 14:00:00 +01:00
t3chn0m4g3
d81f4da035 Update configs and scripts 2015-01-30 21:40:01 +01:00
t3chn0m4g3
bd4e58dca7 Update installer 2015-01-28 17:08:34 +01:00
t3chn0m4g3
41ab55f957 Installer upgrade 2015-01-27 17:46:52 +01:00
t3chn0m4g3
1cb5191bba iptables wait switch 2015-01-22 17:14:02 +01:00
t3chn0m4g3
97a5ae7643 correct iptables syntax 2015-01-22 10:57:56 +01:00
t3chn0m4g3
e024bbe294 iptables exclude ports 2015-01-22 10:10:38 +01:00
t3chn0m4g3
6732d6863c fix permissions 2015-01-21 18:03:32 +01:00
t3chn0m4g3
3ba90dc382 update install scripts and cleanup 2015-01-21 17:51:32 +01:00
t3chn0m4g3
109bf69c6e set --rm=true
for all upstart commands
2015-01-12 13:38:14 +01:00
t3chn0m4g3
4a2ce5a13e clear is ignored, replace with echo 2014-12-18 19:07:21 +01:00
t3chn0m4g3
333da3ad62 fix wakeup from console
some device / monitor combinations have a problem waking up from consoleblank
2014-12-18 18:38:32 +01:00
t3chn0m4g3
3d6aee54e3 clear /dev/tty2 before output 2014-12-18 18:24:00 +01:00
t3chn0m4g3
02a6777f1b fix typo 2014-12-18 18:15:13 +01:00
t3chn0m4g3
3490eb6887 show container status on /dev/tty2
close issue #4 and show container status via /dev/tty2
2014-12-18 17:17:50 +01:00
t3chn0m4g3
762cfd05fe iptables will wait for exclusive access
iptables will wait for exclusive access using the "-w" switch if another process has already a lock on it.
2014-12-18 14:20:54 +01:00
t3chn0m4g3
6bd6f4bbdb Init 2014-11-28 18:02:20 +01:00