# [MAIN] - global settings: working directories, sample handling, send limit,
# operator contact and proxy / IP overrides.
[MAIN]
homedir = /opt/ewsposter/
spooldir = /opt/ewsposter/spool/
logdir = /opt/ewsposter/log/
# Both sample-handling switches are off. NOTE(review): the names suggest that
# captured malware files can be uploaded and then deleted locally - confirm the
# exact behaviour before enabling either, since deletion would remove the local copy.
del_malware_after_send = false
send_malware = false
# Presumably an upper bound on items submitted per run - confirm against the consumer.
sendlimit = 5000
# Placeholder value; replace it before deployment.
contact = your_email_address
# These three hold the literal string "None"; presumably read as "not configured" -
# TODO confirm how the consumer parses it.
proxy = None
ip_int = None
ip_ext = None
					
						
# [EWS] - submission to the EWS backend; enabled. Both rhost_* endpoints use https://.
[EWS]
ews = true
# NOTE(review): username and token are stored in clear text in this file. The
# "community-01" naming suggests a shared community credential rather than a
# per-deployment secret - confirm. If you replace it with your own account,
# restrict read access to this file and keep the real token out of version control.
username = community-01-user
token = foth{a5maiCee8fineu7
# rhost_first and rhost_second are the same URL here, so the second entry adds no
# alternative endpoint (presumably it is meant as a fallback - confirm).
rhost_first = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMessage
rhost_second = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMessage
# Presumably "false" keeps TLS certificate verification on - confirm. Leave it
# that way: skipping verification would let an on-path party read the token above.
ignorecert = false
					
						
# [HPFEED] - hpfeeds broker submission. Every value is a %(NAME)s interpolation
# placeholder, so nothing (including the broker secret) is stored in this file;
# the EWS_HPFEEDS_* values must be supplied from outside it - presumably from the
# environment, confirm against the loader.
[HPFEED]
hpfeed = %(EWS_HPFEEDS_ENABLE)s
host = %(EWS_HPFEEDS_HOST)s
port = %(EWS_HPFEEDS_PORT)s
channels = %(EWS_HPFEEDS_CHANNELS)s
ident = %(EWS_HPFEEDS_IDENT)s
# Credential: wherever the value is injected from, keep it out of logs and
# world-readable files.
secret= %(EWS_HPFEEDS_SECRET)s
# path/to/certificate for tls broker - or "false" for non-tls broker
# NOTE(review): with "false" the broker connection is not protected by TLS;
# prefer a certificate path for any broker reached over an untrusted network.
tlscert = %(EWS_HPFEEDS_TLSCERT)s
# hpfeeds submission format: "ews" (xml) or "json"
hpfformat = %(EWS_HPFEEDS_FORMAT)s
					
						
# [EWSJSON] - local JSON output, disabled here. jsondir is presumably the
# directory the output is written to - confirm; if enabled, keep that directory
# readable only by the accounts that need the collected events.
[EWSJSON]
json = false
jsondir = /data/ews/json/
					
						
# [INFLUXDB] - optional InfluxDB output, disabled here. The angle-bracket values
# are placeholders: username/password for InfluxDB 1.8, token/org for 2.0,
# bucket for either.
[INFLUXDB]
influxdb = false
# Plain http:// - acceptable for the loopback host configured here; if this is
# pointed at a remote host, use https:// so the credentials below are not sent
# in clear text.
host = http://localhost
port = 8086
# NOTE(review): real credentials entered here are stored in clear text; restrict
# read access to this file.
username = <your username for influx 1.8>
password = <your password for influx 1.8>
token = <your token for influx 2.0>
bucket = <your bucket/database for 2.0/1.8>
org = <your org for influx 2.0>
					
						
# [GLASTOPFV3] - glastopf v3 source, disabled here. Input is a SQLite database
# path rather than a log file.
[GLASTOPFV3]
glastopfv3 = false
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = glastopfv3-community-01
sqlitedb = /data/glastopf/db/glastopf.db
# Presumably holds captured files; treat the contents as hostile and never
# execute or open them on the sensor host.
malwaredir = /data/glastopf/data/files/
					
						
# [COWRIE] - cowrie source, enabled.
[COWRIE]
cowrie = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = cowrie-community-01
# Input log (.json). If this is honeypot output, as the name suggests, its
# fields are written from remote peers' input - treat them as untrusted in any
# downstream parser or dashboard.
logfile = /data/cowrie/log/cowrie.json
					
						
# [DIONAEA] - dionaea source, enabled. Input is a SQLite database plus a
# directory of binaries.
[DIONAEA]
dionaea = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = dionaea-community-01
# Directory of binaries; presumably captured samples that are only uploaded when
# [MAIN] send_malware is true - confirm. Treat the contents as hostile.
malwaredir = /data/dionaea/binaries/
sqlitedb = /data/dionaea/log/dionaea.sqlite
					
						
# [HONEYTRAP] - honeytrap source, enabled.
[HONEYTRAP]
honeytrap = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = honeytrap-community-01
# NOTE(review): meaning not evident from this file; presumably selects the log
# format of newer honeytrap releases - confirm.
newversion = true
# Directory of recorded attack payloads (per the path name); treat the contents
# as untrusted data.
payloaddir = /data/honeytrap/attacks/
attackerfile = /data/honeytrap/log/attacker.log
					
						
# [EMOBILITY] - emobility source, disabled here.
[EMOBILITY]
# The enable key is mixed-case, unlike the other sections' flags. Python's
# configparser lowercases option names by default, so this only matters if the
# consumer uses a case-sensitive parser - confirm.
eMobility = false
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = emobility-community-01
logfile = /data/emobility/log/centralsystemEWS.log
					
						
# [CONPOT] - conpot source, enabled.
[CONPOT]
conpot = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = conpot-community-01
# A wildcard pattern rather than a single file; presumably expanded by the
# consumer so that several conpot*.json logs are read - confirm.
logfile = /data/conpot/log/conpot*.json
					
						
# [ELASTICPOT] - elasticpot source, enabled.
[ELASTICPOT]
elasticpot = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = elasticpot-community-01
# Input log (.json); content presumably reflects remote peers' requests, so
# treat its fields as untrusted downstream.
logfile = /data/elasticpot/log/elasticpot.json
					
						
# [SURICATA] - suricata source, disabled here.
[SURICATA]
suricata = false
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = suricata-community-01
# Input is the eve.json log under /data/suricata/log/.
logfile = /data/suricata/log/eve.json
					
						
# [MAILONEY] - mailoney source, enabled.
[MAILONEY]
mailoney = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = mailoney-community-01
# Input is commands.log; going by the file name it records commands received
# from remote peers, so treat every line as untrusted text.
logfile = /data/mailoney/log/commands.log
					
						
# [RDPY] - rdpy source, disabled here.
[RDPY]
rdpy = false
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = rdpy-community-01
logfile = /data/rdpy/log/rdpy.log
					
						
# [VNCLOWPOT] - vnclowpot source, disabled here.
[VNCLOWPOT]
vnclowpot = false
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = vnclowpot-community-01
logfile = /data/vnclowpot/log/vnclowpot.log
					
						
# [HERALDING] - heralding source, enabled.
[HERALDING]
heralding = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = heralding-community-01
# Input is a CSV file named auth.csv. NOTE(review): the name suggests it records
# authentication attempts, which may include submitted usernames and passwords -
# confirm, and restrict read access accordingly.
logfile = /data/heralding/log/auth.csv
					
						
# [CISCOASA] - ciscoasa source, enabled.
[CISCOASA]
ciscoasa = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = ciscoasa-community-01
logfile = /data/ciscoasa/log/ciscoasa.log
					
						
# [TANNER] - tanner source, enabled.
[TANNER]
tanner = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = tanner-community-01
# Input is tanner_report.json under /data/tanner/log/.
logfile = /data/tanner/log/tanner_report.json
					
						
# [GLUTTON] - glutton source, enabled.
[GLUTTON]
glutton = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = glutton-community-01
logfile = /data/glutton/log/glutton.log
					
						
# [HONEYSAP] - honeysap source, disabled here.
[HONEYSAP]
honeysap = false
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = honeysap-community-01
logfile = /data/honeysap/log/honeysap-external.log
					
						
# [ADBHONEY] - adbhoney source, enabled.
[ADBHONEY]
adbhoney = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = adbhoney-community-01
logfile = /data/adbhoney/log/adbhoney.json
# NOTE(review): no trailing slash here, unlike the malwaredir values in
# [GLASTOPFV3] and [DIONAEA]; verify the consumer joins directory and file name
# safely rather than by plain string concatenation. Presumably holds downloaded
# samples - treat the contents as hostile.
malwaredir = /data/adbhoney/downloads
					
						
# [FATT] - fatt source, disabled here.
[FATT]
fatt = false
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = fatt-community-01
logfile = /data/fatt/log/fatt.log
					
						
# [IPPHONEY] - ipphoney source, enabled.
[IPPHONEY]
ipphoney = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = ipphoney-community-01
# Input log (.json).
logfile = /data/ipphoney/log/ipphoney.json
					
						
# [DICOMPOT] - dicompot source, enabled.
[DICOMPOT]
dicompot = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = dicompot-community-01
logfile = /data/dicompot/log/dicompot.log
					
						
# [MEDPOT] - medpot source, enabled.
[MEDPOT]
medpot = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = medpot-community-01
logfile = /data/medpot/log/medpot.log
					
						
# [HONEYPY] - honeypy source, disabled here.
[HONEYPY]
honeypy = false
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = honeypy-community-01
# Despite the .log extension the file is named json.log; presumably JSON lines -
# confirm the expected format.
logfile = /data/honeypy/log/json.log
					
						
# [CITRIX] - citrix source, enabled.
[CITRIX]
citrix = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = citrix-community-01
# Note the path differs from the section name and from the other sections'
# layout: the directory is "citrixhoneypot" and the subdirectory is "logs", not "log".
logfile = /data/citrixhoneypot/logs/server.log
					
						
# [REDISHONEYPOT] - redishoneypot source, enabled.
[REDISHONEYPOT]
redishoneypot = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = redishoneypot-community-01
logfile = /data/redishoneypot/log/redishoneypot.log
					
						
# [ENDLESSH] - endlessh source, enabled.
[ENDLESSH]
endlessh = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = endlessh-community-01
logfile = /data/endlessh/log/endlessh.log
					
						
# [SENTRYPEER] - sentrypeer source, enabled.
[SENTRYPEER]
sentrypeer = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = sentrypeer-community-01
# Input log (.json).
logfile = /data/sentrypeer/log/sentrypeer.json
					
						
# [LOG4POT] - log4pot source, enabled.
[LOG4POT]
log4pot = true
# Presumably the sensor identifier attached to submitted events - confirm.
nodeid = log4pot-community-01
# Input log; content presumably reflects remote peers' requests, so treat its
# fields as untrusted text in any downstream parser or viewer.
logfile = /data/log4pot/log/log4pot.log