remove dns udp expose for qhoneypots (mini edition)

compose/mini.yml

@@ -226,8 +226,8 @@ services:
      - "22:22"
      - "23:23"
      - "25:25"
+     - "53:53"
      - "67:67/udp"
-     - "53:53/udp"
      - "80:80"
      - "110:110"
      - "123:123"

compose/tpot_services.yml

@@ -572,7 +572,7 @@ services:
      - "22:22"
      - "23:23"
      - "25:25"
-     - "53:53/udp"
+     - "53:53"
      - "67:67/udp"
      - "80:80"
      - "110:110"

docker/cowrie/docker-compose.yml

@@ -18,7 +18,7 @@ services:
     ports:
      - "22:22"
      - "23:23"
-    image: "dtagdevsec/cowrie:24.04"
+    image: "ghcr.io/telekom-security/cowrie:24.04.1"
     read_only: true
     volumes:
      - $HOME/tpotce/data/cowrie/downloads:/home/cowrie/cowrie/dl

docker/log4pot/Dockerfile

@@ -31,6 +31,7 @@ RUN apt-get update -y && \
     cd Log4Pot && \
     git checkout 5002b1fe0f82359ef32dbc3a899e8a701dc3256e && \
     sed -i 's#"type": logtype,#"reason": logtype,#g' log4pot-server.py && \
+	rm poetry.lock && \
     poetry --no-cache --without=dev install && \
     setcap cap_net_bind_service=+ep $(readlink -f $(which python3)) && \
 #

docker/suricata/dist/suricata.yaml

@@ -1005,7 +1005,7 @@ app-layer:
         detection-ports:
           dp: 53
       udp:
-        enabled: yes
+        enabled: no
         detection-ports:
           dp: 53
     http:

docker/wordpot/docker-compose.yml

@@ -14,7 +14,7 @@ services:
      - wordpot_local
     ports:
      - "80:80"
-    image: "dtagdevsec/wordpot:24.04"
+    image: "ghcr.io/telekom-security/wordpot:24.04.1"
     read_only: true
     volumes:
      - $HOME/tpotce/data/wordpot/log:/opt/wordpot/logs/