diff --git a/installer/bin/clean.sh b/installer/bin/clean.sh index 45ac49d2..d3f3fdcd 100755 --- a/installer/bin/clean.sh +++ b/installer/bin/clean.sh @@ -79,7 +79,7 @@ fuHONEYTRAP () { } # Let's create a function to clean up and prepare mailoney data -fuHONEYTRAP () { +fuMAILONEY () { rm -rf /data/mailoney/* mkdir -p /data/mailoney/log/ chmod 760 /data/mailoney/ -R @@ -118,6 +118,7 @@ fuELK fuEMOBILITY fuGLASTOPF fuHONEYTRAP +fuMAILONEY fuSPIDERFOOT fuSURICATA fuP0F diff --git a/installer/etc/tpot/compose/all.yml b/installer/etc/tpot/compose/all.yml index 7d448add..25a6284b 100644 --- a/installer/etc/tpot/compose/all.yml +++ b/installer/etc/tpot/compose/all.yml @@ -42,19 +42,24 @@ services: - "23:2223" image: "dtagdevsec/cowrie:1706" volumes: - - /data/cowrie:/data/cowrie + - /data/cowrie/downloads:/home/cowrie/cowrie/dl + - /data/cowrie/keys:/home/cowrie/cowrie/etc + - /data/cowrie/log:/home/cowrie/cowrie/log + - /data/cowrie/log/tty:/home/cowrie/cowrie/log/tty # Dionaea service dionaea: container_name: dionaea stdin_open: true restart: always + sysctls: + - net.ipv6.conf.all.disable_ipv6=1 networks: - dionaea_local cap_add: - NET_BIND_SERVICE ports: - - "21:21" + - "21:21" - "42:42" - "69:69/udp" - "8081:80" 
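Review bot: `chmod 760 /data/mailoney/ -R` in the renamed fuMAILONEY body places the option after its operands, which only works because GNU chmod permutes arguments; `chmod -R 760 -- /data/mailoney/` is the portable form and reads unambiguously. Applied recursively, mode 760 also leaves the directories without group execute, so a container process running under a group-only mapping could not traverse or list them — worth confirming against the uid the mailoney image runs as. The function body continues past the end of the hunk.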
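Review bot: The new cowrie volume list mounts `/data/cowrie/log` at `/home/cowrie/cowrie/log` and then `/data/cowrie/log/tty` at `/home/cowrie/cowrie/log/tty`; the second is already covered by the first (same relative path under the same parent), so it is a redundant nested bind mount that only adds something to keep in sync. Mounting `/data/cowrie/keys` over `/home/cowrie/cowrie/etc` persists the SSH host keys across restarts, but a bind mount also hides whatever the image ships in `etc`, so the host directory has to carry the configuration the container expects — presumably clean.sh prepares it; worth confirming. The same cowrie block is repeated in the hp.yml and tpot.yml hunks of this commit.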
@@ -64,15 +69,22 @@ services: - "1433:1433" - "1723:1723" - "1883:1883" - - "1900:1900" - - "3306:3306" + - "1900:1900/udp" + - "3306:3306" - "5060:5060" - - "5061:5061" - "5060:5060/udp" - - "11211:11211" + - "5061:5061" + - "27017:27017" image: "dtagdevsec/dionaea:1706" volumes: - - /data/dionaea:/data/dionaea + - /data/dionaea/roots/ftp:/opt/dionaea/var/dionaea/roots/ftp + - /data/dionaea/roots/tftp:/opt/dionaea/var/dionaea/roots/tftp + - /data/dionaea/roots/www:/opt/dionaea/var/dionaea/roots/www + - /data/dionaea/roots/upnp:/opt/dionaea/var/dionaea/roots/upnp + - /data/dionaea:/opt/dionaea/var/dionaea + - /data/dionaea/binaries:/opt/dionaea/var/dionaea/binaries + - /data/dionaea/log:/opt/dionaea/var/log + - /data/dionaea/rtp:/opt/dionaea/var/dionaea/rtp # Elasticpot service elasticpot: @@ -84,7 +96,7 @@ services: - "9200:9200" image: "dtagdevsec/elasticpot:1706" volumes: - - /data/elasticpot:/data/elasticpot + - /data/elasticpot/log/elasticpot.log:/opt/ElasticpotPY/elasticpot.log # ELK services ## Elasticsearch service @@ -182,8 +194,8 @@ services: - "80:80" image: "dtagdevsec/glastopf:1706" volumes: - - /data/glastopf:/data/glastopf - - /data/ews:/data/ews + - /data/glastopf/db:/opt/glastopf/db + - /data/glastopf/log:/opt/glastopf/log # Honeytrap service honeytrap: @@ -194,8 +206,9 @@ services: - NET_ADMIN image: "dtagdevsec/honeytrap:1706" volumes: - - /data/honeytrap:/data/honeytrap - - /data/ews:/data/ews + - /data/honeytrap/attacks:/opt/honeytrap/var/attacks + - /data/honeytrap/downloads:/opt/honeytrap/var/downloads + - /data/honeytrap/log:/opt/honeytrap/var/log # Mailoney service mailoney: diff --git a/installer/etc/tpot/compose/hp.yml b/installer/etc/tpot/compose/hp.yml index c2d0856a..07bacf8f 100644 --- a/installer/etc/tpot/compose/hp.yml +++ b/installer/etc/tpot/compose/hp.yml @@ -11,7 +11,7 @@ networks: mailoney_local: services: - + # Cowrie service cowrie: container_name: cowrie 
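Review bot: In the new dionaea volume list, `/data/dionaea:/opt/dionaea/var/dionaea` already exposes `roots/*`, `binaries` and `rtp` at the same relative paths, so the six narrower mounts underneath it are redundant unless they are relied on to have Docker create those host subdirectories; the only mount with a distinct target is `/data/dionaea/log:/opt/dionaea/var/log`. Trimming the list to those two keeps the intent clear and avoids nested bind mounts whose result depends on mount ordering. The same list is repeated in the hp.yml and tpot.yml dionaea hunks.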
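Review bot: `/data/elasticpot/log/elasticpot.log:/opt/ElasticpotPY/elasticpot.log` bind-mounts a single file, and if that path does not exist on the host when the container starts Docker creates it as a directory, after which the honeypot will most likely fail to open its log and the event trail is lost. The provisioning step that prepares `/data/elasticpot` needs to `touch` the file (or the mount should target the `log` directory instead), and a comment on this line such as `# host file must exist before start, otherwise Docker creates a directory here` would spare the next reader the surprise. The same mount appears in the hp.yml and tpot.yml elasticpot hunks.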
@@ -25,19 +25,24 @@ services: - "23:2223" image: "dtagdevsec/cowrie:1706" volumes: - - /data/cowrie:/data/cowrie - + - /data/cowrie/downloads:/home/cowrie/cowrie/dl + - /data/cowrie/keys:/home/cowrie/cowrie/etc + - /data/cowrie/log:/home/cowrie/cowrie/log + - /data/cowrie/log/tty:/home/cowrie/cowrie/log/tty + # Dionaea service dionaea: container_name: dionaea stdin_open: true restart: always + sysctls: + - net.ipv6.conf.all.disable_ipv6=1 networks: - dionaea_local cap_add: - NET_BIND_SERVICE ports: - - "21:21" + - "21:21" - "42:42" - "69:69/udp" - "8081:80" @@ -47,15 +52,22 @@ services: - "1433:1433" - "1723:1723" - "1883:1883" - - "1900:1900" - - "3306:3306" + - "1900:1900/udp" + - "3306:3306" - "5060:5060" - - "5061:5061" - "5060:5060/udp" - - "11211:11211" + - "5061:5061" + - "27017:27017" image: "dtagdevsec/dionaea:1706" volumes: - - /data/dionaea:/data/dionaea + - /data/dionaea/roots/ftp:/opt/dionaea/var/dionaea/roots/ftp + - /data/dionaea/roots/tftp:/opt/dionaea/var/dionaea/roots/tftp + - /data/dionaea/roots/www:/opt/dionaea/var/dionaea/roots/www + - /data/dionaea/roots/upnp:/opt/dionaea/var/dionaea/roots/upnp + - /data/dionaea:/opt/dionaea/var/dionaea + - /data/dionaea/binaries:/opt/dionaea/var/dionaea/binaries + - /data/dionaea/log:/opt/dionaea/var/log + - /data/dionaea/rtp:/opt/dionaea/var/dionaea/rtp # Elasticpot service elasticpot: @@ -67,7 +79,7 @@ services: - "9200:9200" image: "dtagdevsec/elasticpot:1706" volumes: - - /data/elasticpot:/data/elasticpot + - /data/elasticpot/log/elasticpot.log:/opt/ElasticpotPY/elasticpot.log # Ewsposter service ewsposter: @@ -90,8 +102,8 @@ services: - "80:80" image: "dtagdevsec/glastopf:1706" volumes: - - /data/glastopf:/data/glastopf - - /data/ews:/data/ews + - /data/glastopf/db:/opt/glastopf/db + - /data/glastopf/log:/opt/glastopf/log # Honeytrap service honeytrap: 
@@ -102,8 +114,9 @@ services: - NET_ADMIN image: "dtagdevsec/honeytrap:1706" volumes: - - /data/honeytrap:/data/honeytrap - - /data/ews:/data/ews + - /data/honeytrap/attacks:/opt/honeytrap/var/attacks + - /data/honeytrap/downloads:/opt/honeytrap/var/downloads + - /data/honeytrap/log:/opt/honeytrap/var/log # Mailoney service mailoney: diff --git a/installer/etc/tpot/compose/industrial.yml b/installer/etc/tpot/compose/industrial.yml index d192769f..6783803f 100644 --- a/installer/etc/tpot/compose/industrial.yml +++ b/installer/etc/tpot/compose/industrial.yml @@ -97,6 +97,7 @@ services: image: "dtagdevsec/emobility:1706" volumes: - /data/emobility:/data/eMobility + - /data/ews:/data/ews # Ewsposter service ewsposter: diff --git a/installer/etc/tpot/compose/tpot.yml b/installer/etc/tpot/compose/tpot.yml index 6b3e94cf..8f51ade6 100644 --- a/installer/etc/tpot/compose/tpot.yml +++ b/installer/etc/tpot/compose/tpot.yml @@ -27,19 +27,24 @@ services: - "23:2223" image: "dtagdevsec/cowrie:1706" volumes: - - /data/cowrie:/data/cowrie + - /data/cowrie/downloads:/home/cowrie/cowrie/dl + - /data/cowrie/keys:/home/cowrie/cowrie/etc + - /data/cowrie/log:/home/cowrie/cowrie/log + - /data/cowrie/log/tty:/home/cowrie/cowrie/log/tty # Dionaea service dionaea: container_name: dionaea stdin_open: true restart: always + sysctls: + - net.ipv6.conf.all.disable_ipv6=1 networks: - dionaea_local cap_add: - NET_BIND_SERVICE ports: - - "21:21" + - "21:21" - "42:42" - "69:69/udp" - "8081:80" 
@@ -49,15 +54,22 @@ services: - "1433:1433" - "1723:1723" - "1883:1883" - - "1900:1900" - - "3306:3306" + - "1900:1900/udp" + - "3306:3306" - "5060:5060" - - "5061:5061" - "5060:5060/udp" - - "11211:11211" + - "5061:5061" + - "27017:27017" image: "dtagdevsec/dionaea:1706" volumes: - - /data/dionaea:/data/dionaea + - /data/dionaea/roots/ftp:/opt/dionaea/var/dionaea/roots/ftp + - /data/dionaea/roots/tftp:/opt/dionaea/var/dionaea/roots/tftp + - /data/dionaea/roots/www:/opt/dionaea/var/dionaea/roots/www + - /data/dionaea/roots/upnp:/opt/dionaea/var/dionaea/roots/upnp + - /data/dionaea:/opt/dionaea/var/dionaea + - /data/dionaea/binaries:/opt/dionaea/var/dionaea/binaries + - /data/dionaea/log:/opt/dionaea/var/log + - /data/dionaea/rtp:/opt/dionaea/var/dionaea/rtp # Elasticpot service elasticpot: @@ -69,7 +81,7 @@ services: - "9200:9200" image: "dtagdevsec/elasticpot:1706" volumes: - - /data/elasticpot:/data/elasticpot + - /data/elasticpot/log/elasticpot.log:/opt/ElasticpotPY/elasticpot.log # ELK services ## Elasticsearch service @@ -152,8 +164,8 @@ services: - "80:80" image: "dtagdevsec/glastopf:1706" volumes: - - /data/glastopf:/data/glastopf - - /data/ews:/data/ews + - /data/glastopf/db:/opt/glastopf/db + - /data/glastopf/log:/opt/glastopf/log # Honeytrap service honeytrap: @@ -164,8 +176,9 @@ services: - NET_ADMIN image: "dtagdevsec/honeytrap:1706" volumes: - - /data/honeytrap:/data/honeytrap - - /data/ews:/data/ews + - /data/honeytrap/attacks:/opt/honeytrap/var/attacks + - /data/honeytrap/downloads:/opt/honeytrap/var/downloads + - /data/honeytrap/log:/opt/honeytrap/var/log # Mailoney service mailoney: diff --git a/installer/etc/tpot/systemd/tpot.service b/installer/etc/tpot/systemd/tpot.service index 2ccbbc5e..bc612a29 100644 --- a/installer/etc/tpot/systemd/tpot.service +++ b/installer/etc/tpot/systemd/tpot.service 
@@ -32,9 +32,9 @@ ExecStartPre=-/bin/chmod 666 /var/run/docker.sock
 # Forward all other connections to honeytrap / NFQUEUE
 ExecStartPre=/sbin/iptables -w -A INPUT -s 127.0.0.1 -j ACCEPT
 ExecStartPre=/sbin/iptables -w -A INPUT -d 127.0.0.1 -j ACCEPT
-ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 64295:64303,7634,8125 -j ACCEPT
+ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 64295:64303,7634 -j ACCEPT
 ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 21:23,25,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT
-ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 3306,5060,5061,5601,11211 -j ACCEPT
+ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 3306,5060,5061,5601,27017 -j ACCEPT
 ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 1025,50100,8080,8081,9200 -j ACCEPT
 ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE
@@ -47,9 +47,9 @@ ExecStop=/usr/local/bin/docker-compose -f /etc/tpot/tpot.yml down -v
 # Remove only previously set iptables rules
 ExecStopPost=/sbin/iptables -w -D INPUT -s 127.0.0.1 -j ACCEPT
 ExecStopPost=/sbin/iptables -w -D INPUT -d 127.0.0.1 -j ACCEPT
-ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 64295:64303,7634,8125 -j ACCEPT
+ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 64295:64303,7634 -j ACCEPT
 ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 21:23,25,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT
-ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 3306,5060,5061,5601,11211 -j ACCEPT
+ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 3306,5060,5061,5601,27017 -j ACCEPT
 ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 1025,50100,8080,8081,9200 -j ACCEPT
 ExecStopPost=/sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -j NFQUEUE
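Review bot: The ACCEPT list now carries 27017 and drops 8125 and 11211, and because the trailing `-p tcp --syn -m state --state NEW -j NFQUEUE` rule diverts every TCP SYN not matched earlier, any port a compose file publishes but this list omits never reaches its container — the list is effectively a hand-maintained copy of the compose port maps and has to be edited in lockstep with them (this commit does so for the dionaea change). The ExecStopPost hunk below mirrors the new ports correctly; a comment such as `# Keep in sync with the port maps in compose/*.yml and with the ExecStopPost rules below` at the top of the block would make that coupling explicit. Visible only as hunk context, `ExecStartPre=-/bin/chmod 666 /var/run/docker.sock` makes the Docker API writable by every local account, which is root-equivalent on the host; granting a `docker` group access with mode 660 achieves the same effect without that exposure.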
diff --git a/installer/install.sh b/installer/install.sh
index beb36262..b87e6998 100755
--- a/installer/install.sh
+++ b/installer/install.sh
@@ -414,6 +414,9 @@ tee -a /etc/sysctl.conf 2>&1>/dev/null <&1>/dev/null <