include docker repos

... skip emobility since it is a dev repo

docker/honeytrap/dist/honeytrap.conf

@@ -0,0 +1,143 @@
+/* 
+ * honeytrap 1.0.1 configuration file template -- please adjust
+ * (c) Tillmann Werner <tillmann.werner@gmx.de>
+ */
+
+// log to this file
+logfile		= "/opt/honeytrap/var/log/honeytrap.log"
+
+// store process ID in this file
+pidfile		= "/var/run/honeytrap.pid"
+
+/* where to look for default responses
+ * these are sent for connections handled in "normal mode" */
+response_dir	= "/opt/honeytrap/etc/honeytrap/responses"
+
+// replace rfc1918 IP addresses with attacking IP address
+replace_private_ips = "no"
+
+// bind dynamic servers to a specific address
+//bind_address = "127.0.0.1"
+
+/* put network interface into promiscuous mode
+ * (only availabel when compiled with --with-stream-mon=pcap) */
+//promisc = "on"
+
+/* the user and group under which honeytrap should run
+ * should be set to non-root */
+user	= "honeytrap"
+group	= "honeytrap"
+
+// do not read more than 20 MB - used to prevent DoS attacks
+read_limit = "20971520"
+
+
+/* ----- plugin stuff below ----- */
+
+/* where to look for plugins
+   needs to be set before loading plugins */
+plugin_dir	= "/opt/honeytrap/etc/honeytrap/plugins"
+
+
+// include a plugin via plugin-[ModuleName] = ""
+
+// plugin-magicPE = ""
+plugin-ftpDownload = ""
+plugin-tftpDownload = ""
+plugin-b64Decode = ""
+plugin-deUnicode = ""
+plugin-vncDownload = ""
+
+
+// store attacks on disk
+plugin-SaveFile = {
+	attacks_dir	= "/opt/honeytrap/var/attacks"
+	downloads_dir	= "/opt/honeytrap/var/downloads"
+}
+
+
+// plugin for shellcode detection and emulation
+/*
+plugin-cpuEmu = {
+	execute_shellcode = "no"
+	createprocess_cmd = "/bin/sh -c \"cd /opt/honeytrap-libemu/.wine/drive_c/windows/system32; WINEPREFIX='/opt/honeytrap-libemu/.wine/' WINEDEBUG='-all' wine 'c:\\windows\\system32\\cmd_orig.exe'\""
+}
+*/
+
+
+
+// scan downloaded samples with ClamAV engine
+/*
+plugin-ClamAV = {
+	temp_dir	= "/tmp"
+	clamdb_path	= "/var/lib/clamav"
+}
+*/
+
+
+// calculate locality sensitive hashes
+/*
+plugin-SpamSum = {
+	md5sum_sigfile	= "/opt/honeytrap/md5sum.sigs"
+	spamsum_sigfile	= "/opt/honeytrap/spamsum.sigs"
+}
+*/
+
+plugin-logAttacker = { logfile = "/opt/honeytrap/var/log/attacker.log" }
+
+// log attack details in JSON format
+plugin-logJSON = { logfile = "/opt/honeytrap/var/log/attackers.json" }
+
+
+// store attacks in PostgeSQL database
+/*
+plugin-SavePostgres = {
+	db_host	= "localhost"
+	db_name	= "some_db"
+	db_user	= "some_user"
+	db_pass	= "some_pass"
+//	db_port = "some_port"	// defaults to 5432/tcp if not set
+}
+*/
+
+
+// invoke an external program (f.e. wget) to download files via http
+/*
+plugin-httpDownload = {
+	http_program = "/usr/bin/wget"
+	http_options = "-q -t1 -T1 -O-"
+}
+*/
+
+
+// submit downloaded malware samples to the mwcollect alliance
+/*
+plugin-submitMWserv = {
+	mwserv_url      = "https://submission-url/"
+	guid            = "your-guid"
+	maintainer      = "your-maintainer" 
+	secret          = "your-secret"
+	timeout		= "120"
+}
+*/
+
+/* ----- port mode configuration below ----- */
+
+// default port configuration (ignore, normal or mirror)
+//   ignore: just ignore connection attempts
+//   normal: send a default response
+//   mirror: mirror connections back to the initiator (use with caution!)
+portconf_default = "normal"
+
+// explicit port configuration
+/* portconf = {
+	// ignore connection requests on these ports
+	ignore = {
+		protocol	= "tcp"
+		port		= "22" 
+	}
+}
+*/
+
+// include a file
+//include = "ports.conf"