Compare commits


8 commits

Author SHA1 Message Date
t3chn0m4g3
4c4056c489 add 24.04 tag for removal 2024-12-10 17:50:29 +01:00
t3chn0m4g3
99aae57e59 correct rocky version 2024-12-10 16:00:00 +01:00
t3chn0m4g3
da151150e5 add more installation types 2024-12-10 15:50:42 +01:00
t3chn0m4g3
743dcdae95 Update ISO download links 2024-12-10 15:50:03 +01:00
t3chn0m4g3
e8dc0c9c3d set vm.max_map_count, fixes #1618 2024-12-10 15:48:17 +01:00
t3chn0m4g3
1d3cc7cd4a set .env to 24.04.1 2024-12-10 14:11:52 +01:00
t3chn0m4g3
d7c26b49ed update elk objects 2024-12-10 14:05:00 +01:00
t3chn0m4g3
ca40bab5ee update version tag to 24.04.1 2024-12-10 10:37:24 +01:00
10 changed files with 76 additions and 13 deletions

4
.env

@ -126,7 +126,7 @@ BEELZEBUB_OLLAMA_MODEL: "openchat"
# GALAH_LLM_CLOUD_PROJECT: ""
GALAH_LLM_PROVIDER: "ollama"
GALAH_LLM_SERVER_URL: "http://ollama.local:11434"
GALAH_LLM_MODEL: "llama3"
GALAH_LLM_MODEL: "llama3.1"
###################################################################################
@ -149,7 +149,7 @@ TPOT_DOCKER_COMPOSE=./docker-compose.yml
TPOT_REPO=dtagdevsec
# T-Pot Version Tag
TPOT_VERSION=24.04
TPOT_VERSION=24.04.1
# T-Pot Pull Policy
# always: (T-Pot default) Compose implementations SHOULD always pull the image from the registry.


@ -323,14 +323,14 @@ Once you are familiar with how things work you should choose a network you suspe
4. Make sure to install SSH, so you can connect to the machine remotely.
| Distribution Name | x64 | arm64 |
| :--------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------- | :--------------------------------------------------------------------------------------------------------------------------------------- |
| [Alma Linux OS 9.4 Boot ISO](https://almalinux.org) | [download](https://repo.almalinux.org/almalinux/9.4/isos/x86_64/AlmaLinux-9.4-x86_64-boot.iso) | [download](https://repo.almalinux.org/almalinux/9.4/isos/aarch64/AlmaLinux-9.4-aarch64-boot.iso) |
| [Debian 12 Network Install](https://www.debian.org/CD/netinst/index.en.html) | [download](https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-12.8.0-amd64-netinst.iso) | [download](https://cdimage.debian.org/debian-cd/current/arm64/iso-cd/debian-12.8.0-arm64-netinst.iso) |
| [Fedora Server 40 Network Install](https://fedoraproject.org/server/download) | [download](https://download.fedoraproject.org/pub/fedora/linux/releases/40/Server/x86_64/iso/Fedora-Server-netinst-x86_64-40-1.14.iso) | [download](https://download.fedoraproject.org/pub/fedora/linux/releases/40/Server/aarch64/iso/Fedora-Server-netinst-aarch64-40-1.14.iso) |
| [OpenSuse Tumbleweed Network Image](https://get.opensuse.org/tumbleweed/#download) | [download](https://download.opensuse.org/tumbleweed/iso/openSUSE-Tumbleweed-NET-x86_64-Current.iso) | [download](https://download.opensuse.org/ports/aarch64/tumbleweed/iso/openSUSE-Tumbleweed-NET-aarch64-Current.iso) |
| [Rocky Linux OS 9.4 Boot ISO](https://rockylinux.org/download) | [download](https://download.rockylinux.org/pub/rocky/9.4/isos/x86_64/Rocky-9.4-x86_64-boot.iso) | [download](https://download.rockylinux.org/pub/rocky/9.4/isos/aarch64/Rocky-9.4-aarch64-boot.iso) |
| [Ubuntu 24.04.1 Live Server](https://ubuntu.com/download/server) | [download](https://releases.ubuntu.com/24.04/ubuntu-24.04.1-live-server-amd64.iso) | [download](https://cdimage.ubuntu.com/releases/24.04/release/ubuntu-24.04.1-live-server-arm64.iso) |
| Distribution Name | x64 | arm64 |
| :--------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------ | :-------------------------------------------------------------------------------------------------------------------------------------- |
| [Alma Linux OS 9.5 Boot ISO](https://almalinux.org) | [download](https://repo.almalinux.org/almalinux/9.5/isos/x86_64/AlmaLinux-9.5-x86_64-boot.iso) | [download](https://repo.almalinux.org/almalinux/9.5/isos/aarch64/AlmaLinux-9.5-aarch64-boot.iso) |
| [Debian 12 Network Install](https://www.debian.org/CD/netinst/index.en.html) | [download](https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-12.8.0-amd64-netinst.iso) | [download](https://cdimage.debian.org/debian-cd/current/arm64/iso-cd/debian-12.8.0-arm64-netinst.iso) |
| [Fedora Server 41 Network Install](https://fedoraproject.org/server/download) | [download](https://download.fedoraproject.org/pub/fedora/linux/releases/41/Server/x86_64/iso/Fedora-Server-netinst-x86_64-41-1.4.iso) | [download](https://download.fedoraproject.org/pub/fedora/linux/releases/41/Server/aarch64/iso/Fedora-Server-netinst-aarch64-41-1.4.iso) |
| [OpenSuse Tumbleweed Network Image](https://get.opensuse.org/tumbleweed/#download) | [download](https://download.opensuse.org/tumbleweed/iso/openSUSE-Tumbleweed-NET-x86_64-Current.iso) | [download](https://download.opensuse.org/ports/aarch64/tumbleweed/iso/openSUSE-Tumbleweed-NET-aarch64-Current.iso) |
| [Rocky Linux OS 9.5 Boot ISO](https://rockylinux.org/download) | [download](https://download.rockylinux.org/pub/rocky/9/isos/x86_64/Rocky-9.5-x86_64-minimal.iso) | [download](https://download.rockylinux.org/pub/rocky/9/isos/aarch64/Rocky-9.5-aarch64-minimal.iso) |
| [Ubuntu 24.04.1 Live Server](https://ubuntu.com/download/server) | [download](https://releases.ubuntu.com/24.04/ubuntu-24.04.1-live-server-amd64.iso) | [download](https://cdimage.ubuntu.com/releases/24.04/release/ubuntu-24.04.1-live-server-arm64.iso) |
<br>


@ -15,7 +15,7 @@ TPOT_DOCKER_REPO=dtagdevsec
TPOT_GHCR_REPO=ghcr.io/telekom-security
# T-Pot Version Tag
TPOT_VERSION=testing
TPOT_VERSION=24.04.1
# T-Pot platforms (architectures)
# Most docker features are available on linux

Binary file not shown.


@ -149,7 +149,7 @@ TPOT_DOCKER_COMPOSE=./docker-compose.yml
TPOT_REPO=dtagdevsec
# T-Pot Version Tag
TPOT_VERSION=24.04
TPOT_VERSION=24.04.1
# T-Pot Pull Policy
# always: (T-Pot default) Compose implementations SHOULD always pull the image from the registry.


@ -171,10 +171,19 @@ echo "### (H)ive - T-Pot Standard / HIVE installation."
echo "### Includes also everything you need for a distributed setup with sensors."
echo "### (S)ensor - T-Pot Sensor installation."
echo "### Optimized for a distributed installation, without WebUI, Elasticsearch and Kibana."
echo "### (L)LM - T-Pot LLM installation."
echo "### Uses LLM based honeypots Beelzebub & Galah."
echo "### Requires Ollama (recommended) or ChatGPT subscription."
echo "### M(i)ni - T-Pot Mini installation."
echo "### Run 30+ honeypots with just a couple of honeypot daemons."
echo "### (M)obile - T-Pot Mobile installation."
echo "### Includes everything to run T-Pot Mobile (available separately)."
echo "### (T)arpit - T-Pot Tarpit installation."
echo "### Feed data endlessly to attackers, bots and scanners."
echo "### Also runs a Denial of Service Honeypot (ddospot)."
echo
while true; do
read -p "### Install Type? (h/s/m) " myTPOT_TYPE
read -p "### Install Type? (h/s/l/i/m/t) " myTPOT_TYPE
case "${myTPOT_TYPE}" in
h|H)
echo
@ -191,6 +200,20 @@ while true; do
myINFO="### Make sure to deploy SSH keys to this SENSOR and disable SSH password authentication.
### On HIVE run the tpotce/deploy.sh script to join this SENSOR to the HIVE."
break ;;
l|L)
echo
echo "### Installing T-Pot LLM."
myTPOT_TYPE="HIVE"
cp ${HOME}/tpotce/compose/llm.yml ${HOME}/tpotce/docker-compose.yml
myINFO="Make sure to adjust the T-Pot config file (.env) for Ollama / ChatGPT settings."
break ;;
i|I)
echo
echo "### Installing T-Pot Mini."
myTPOT_TYPE="HIVE"
cp ${HOME}/tpotce/compose/mini.yml ${HOME}/tpotce/docker-compose.yml
myINFO=""
break ;;
m|M)
echo
echo "### Installing T-Pot Mobile."
@ -198,6 +221,13 @@ while true; do
cp ${HOME}/tpotce/compose/mobile.yml ${HOME}/tpotce/docker-compose.yml
myINFO=""
break ;;
t|T)
echo
echo "### Installing T-Pot Tarpit."
myTPOT_TYPE="HIVE"
cp ${HOME}/tpotce/compose/tarpit.yml ${HOME}/tpotce/docker-compose.yml
myINFO=""
break ;;
esac
done
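Review bot: The `cp` in each new arm (`l|L`, `i|I`, `t|T`) is unchecked and its `${HOME}` paths are unquoted, so a missing compose file or a failed copy would leave whatever docker-compose.yml is already in place, and the host could end up running a different honeypot set than the one selected (unless the script runs under `set -e`, which is not visible in these hunks). Quote the paths and stop on failure, for example `cp -- "${HOME}/tpotce/compose/tarpit.yml" "${HOME}/tpotce/docker-compose.yml" || exit 1`. The existing `m|M` arm shown as context has the same pattern and would benefit from the same change. The prompt would also be safer as `read -r -p "### Install Type? (h/s/l/i/m/t) " myTPOT_TYPE`, and the LLM arm's `myINFO` lacks the `### ` prefix that the sensor message uses.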


@ -477,6 +477,22 @@
- "Rocky"
- "Ubuntu"
- name: Ensure vm.max_map_count is set (All)
lineinfile:
path: /etc/sysctl.conf
line: "vm.max_map_count=262144"
state: present
create: yes
when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
tags:
- "AlmaLinux"
- "Debian"
- "Fedora"
- "openSUSE Tumbleweed"
- "Raspbian"
- "Rocky"
- "Ubuntu"
- name: Disable ssh.socket unit (Ubuntu)
systemd:
name: ssh.socket
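Review bot: The new "Ensure vm.max_map_count is set (All)" task gives `lineinfile` a `line:` but no `regexp:`, so a host whose /etc/sysctl.conf already holds a different `vm.max_map_count=` entry keeps that line and gets a second, conflicting one appended. Adding `regexp: '^\s*vm\.max_map_count\s*='` makes the task replace the existing entry instead. The task only edits the file; nothing in this hunk loads the value into the running kernel, so it presumably applies on the next boot, which is worth stating in a comment such as `# takes effect on the next boot or after sysctl --system`. The `when:` list repeats the `tags:` list and already covers every distribution named there, so it could be dropped if the playbook only ever runs on those.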


@ -215,6 +215,21 @@
- "Rocky"
- "Ubuntu"
- name: Remove vm.max_map_count setting (All)
lineinfile:
path: /etc/sysctl.conf
line: "vm.max_map_count=262144"
state: absent
when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
tags:
- "AlmaLinux"
- "Debian"
- "Fedora"
- "openSUSE Tumbleweed"
- "Raspbian"
- "Rocky"
- "Ubuntu"
- name: Remove T-Pot user (All)
user:
name: tpot
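Review bot: The "Remove vm.max_map_count setting (All)" task deletes any line equal to `vm.max_map_count=262144` whether or not the installer wrote it, so a host that already carried this setting for another workload loses it on uninstall, while a value the operator edited afterwards is left behind. Having the install playbook write the setting to a T-Pot-owned drop-in, for example `path: /etc/sysctl.d/<tpot-dropin>.conf` (placeholder name), would let this task remove exactly what T-Pot added by deleting that file. The running kernel value is not reset by this task, which deserves a short comment on the task.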


@ -167,6 +167,8 @@ function fuUPDATER () {
fuPULLIMAGES
fuREMOVEOLDIMAGES "dtagdevsec/*:dev"
fuREMOVEOLDIMAGES "ghcr.io/telekom-security/*:dev"
fuREMOVEOLDIMAGES "dtagdevsec/*:24.04"
fuREMOVEOLDIMAGES "ghcr.io/telekom-security/*:24.04"
echo
echo "### If you made changes to docker-compose.yml please ensure to add them again."
echo "### We stored the previous version as backup in $myARCHIVE."
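Review bot: The retired tag is hard-coded as two more `fuREMOVEOLDIMAGES` calls, so every future version bump needs another hand-added pair or the superseded images stay on the host. A single list keeps this in one place, for example `for myTAG in dev 24.04; do fuREMOVEOLDIMAGES "dtagdevsec/*:${myTAG}"; fuREMOVEOLDIMAGES "ghcr.io/telekom-security/*:${myTAG}"; done`. fuREMOVEOLDIMAGES and the start of fuUPDATER are outside this hunk, so whether the pattern is matched exactly or as a prefix (which would also catch `24.04.1`) should be confirmed before merging.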