		
	
	
	
	
		
			
			Numerous changes completed to successfully have multiple Conpot Honeypots in operation - Fix Dockerfile Build Failures by adding py-gevent and py-snmp to APK where required - Build new dedicated images for Conpot via Default, Kamstrup and Guardian Templates - Reconfigure IP Tables Rules - Update all YML files with new configuration to download new Conpot images instead of T-Pot Default Conpot Image - Configure Environment Variables in Docker Files for Image Builds - Fix missing IPTable rule/configuration for 5060/udp for Dionaea - Successfully test via NMAP that ports 102, 161/udp, 502, 623/udp, 10001, 47808/udp, and 50100 are open and functioning correctly KNOWN ISSUE: Conpot data is not available on dashboard/visualisations due to changes required for Logstash configuration.
		
			
				
	
	
		
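; Conpot honeypot settings for the Kamstrup-template sensor (sensorid conpot_kamstrup).
; NOTE(review): presumably read with Python's configparser - confirm. Comments are kept on
; their own lines because many INI parsers treat trailing "; ..." text as part of the value.

[common]
; Identifier for this sensor; the same name is reused below for the account, log file and db.
sensorid = conpot_kamstrup

[session]
; NOTE(review): unit is not stated in this file - presumably seconds, confirm.
timeout = 30

[daemon]
; Dedicated per-sensor account and group for the daemon.
user = conpot_kamstrup
group = conpot_kamstrup

[json]
; The only log sink enabled in this file; every other sink below is switched off.
enabled = True
filename = /var/log/conpot/conpot_kamstrup.json

[sqlite]
enabled = False

[mysql]
; Disabled. The passphrase below is identical to the username and is committed in plain text,
; so treat it as a placeholder: set a real secret outside the repository before enabling.
enabled = False
device = /tmp/mysql.sock
host = localhost
port = 3306
db = conpot_kamstrup
username = conpot_kamstrup
passphrase = conpot_kamstrup
; socket: tcp (sends to host:port), dev (sends to mysql device/socket file)
socket = tcp

[syslog]
enabled = False
device = /dev/log
host = localhost
port = 514
facility = local0
; socket: udp (sends to host:port), dev (sends to device)
socket = dev

[hpfriends]
; Disabled. ident/secret are stored in plain text in a public repository and must be
; considered known to anyone; if this feed is ever enabled, provision separate credentials
; and keep them out of version control.
; NOTE(review): these look like shared sample values rather than a private account - confirm.
enabled = False
host = hpfriends.honeycloud.net
port = 20000
ident = 3Ykf9Znv
secret = 4nFRhpm44QkG9cvD
channels = ["conpot.events", ]

[taxii]
; Disabled. As written (port 80, use_https = False) reports would leave the sensor
; unencrypted; switch to HTTPS before enabling.
enabled = False
host = taxiitest.mitre.org
port = 80
inbox_path = /services/inbox/default/
use_https = False

[fetch_public_ip]
; Enabled: the sensor makes outbound requests to the third-party services listed in urls.
; Both URLs are plain HTTP, so the reply is unauthenticated and the lookup is visible on the
; network path. Disable this, or restrict egress to these hosts, if the sensor is meant to
; make no unsolicited outbound connections.
enabled = True
urls = ["http://whatismyip.akamai.com/", "http://wgetip.com/"]

[change_mac_addr]
; Disabled. NOTE(review): addr looks like a placeholder value - pick a realistic one if enabling.
enabled = False
iface = eth0
addr = 00:de:ad:be:ef:00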