Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-04-29 03:38:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
tpotce/docker/conpot/Dockerfile
Marco Ochse b1fbcd9532 tweaking, hardening
2018-05-04 16:29:55 +00:00

73 lines
2.2 KiB
Docker
Raw Blame History

FROM alpine
# Include dist
ADD dist/ /root/dist/
# Setup apt
RUN apk -U --no-cache add \
build-base \
cython-dev \
file \
git \
libev \
libtool \
libcap \
libxslt \
libxslt-dev \
mariadb-dev \
mariadb-client-libs \
pkgconfig \
python \
python-dev \
py-cffi \
py-cryptography \
py-pip \
tcpdump \
wget && \
# Setup ConPot
git clone https://github.com/mushorg/conpot /opt/conpot && \
cd /opt/conpot/ && \
git reset --hard d157229e4587188ad3d3af5dddcd71200713852d && \
git fetch origin pull/367/head:run-without-root && \
git checkout run-without-root && \
git checkout master && \
git merge run-without-root && \
cp /root/dist/requirements.txt /opt/conpot/ && \
# Patch to accept ENV for MIB path
cp /root/dist/snmp_server.py /opt/conpot/conpot/protocols/snmp/ && \
pip install --no-cache-dir -U pip setuptools && \
pip install --no-cache-dir . && \
cd / && \
rm -rf /opt/conpot /tmp/* /var/tmp/* && \
setcap cap_net_bind_service=+ep /usr/bin/python2.7 && \
# Get wireshark manuf db for scapy, setup configs, user, groups
mkdir -p /etc/conpot /var/log/conpot /usr/share/wireshark && \
wget https://github.com/wireshark/wireshark/raw/master/manuf -o /usr/share/wireshark/manuf && \
cp /root/dist/conpot.cfg /etc/conpot/conpot.cfg && \
cp -R /root/dist/templates /usr/lib/python2.7/site-packages/conpot/ && \
addgroup -g 2000 conpot && \
adduser -S -s /bin/bash -u 2000 -D -g 2000 conpot && \
# Clean up
apk del --purge \
build-base \
cython-dev \
file \
git \
libev \
libtool \
libxslt-dev \
mariadb-dev \
pkgconfig \
python-dev \
py-cffi \
py-pip \
wget && \
rm -rf /root/* && \
rm -rf /var/cache/apk/*
# Start conpot
USER conpot:conpot
CMD exec /usr/bin/conpot --template $CONPOT_TEMPLATE --logfile $CONPOT_LOG --config $CONPOT_CONFIG
Reference in a new issue View git blame Copy permalink