From 114997308b4a3e26f38df02d365f66b8003a2fdd Mon Sep 17 00:00:00 2001
From: Marco Ochse
Date: Fri, 18 May 2018 16:05:28 +0000
Subject: [PATCH] tweaking, hardening
---
 docker/honeytrap/Dockerfile | 2 +-
 docker/honeytrap/docker-compose.yml | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/docker/honeytrap/Dockerfile b/docker/honeytrap/Dockerfile
index 590b58fe..e10010e9 100644
--- a/docker/honeytrap/Dockerfile
+++ b/docker/honeytrap/Dockerfile
@@ -54,4 +54,4 @@ RUN apt-get update -y && \
 apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 # Start honeytrap
-CMD ["/opt/honeytrap/sbin/honeytrap", "-D", "-C", "/opt/honeytrap/etc/honeytrap/honeytrap.conf", "-t", "5", "-u", "honeytrap", "-g", "honeytrap"]
+CMD ["/opt/honeytrap/sbin/honeytrap", "-D", "-C", "/opt/honeytrap/etc/honeytrap/honeytrap.conf", "-P", "/tmp/honeytrap/honeytrap.pid", "-t", "5", "-u", "honeytrap", "-g", "honeytrap"]
diff --git a/docker/honeytrap/docker-compose.yml b/docker/honeytrap/docker-compose.yml
index 399ed7c5..c94b30eb 100644
--- a/docker/honeytrap/docker-compose.yml
+++ b/docker/honeytrap/docker-compose.yml
@@ -1,4 +1,4 @@
-version: '2.2'
+version: '2.3'
 networks:
 honeytrap_local:
@@ -10,10 +10,13 @@ services:
 build: .
 container_name: honeytrap
 restart: always
+ tmpfs:
+ - /tmp/honeytrap:uid=2000,gid=2000
 network_mode: "host"
 cap_add:
 - NET_ADMIN
 image: "dtagdevsec/honeytrap:1804"
+ read_only: true
 volumes:
 - /data/honeytrap/attacks:/opt/honeytrap/var/attacks
 - /data/honeytrap/downloads:/opt/honeytrap/var/downloads
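Review bot: The new `-P /tmp/honeytrap/honeytrap.pid` argument in the CMD line depends on a directory this Dockerfile does not create: the RUN step just above removes `/tmp/*`, and `/tmp/honeytrap` only appears as the tmpfs mount added to docker-compose.yml in the same commit. Started outside that compose service, the image would presumably have no writable `/tmp/honeytrap`, so the PID file write may fail. I would document the coupling directly above the CMD, e.g. `# PID file goes to /tmp/honeytrap, a tmpfs mounted by docker-compose.yml (root filesystem is read-only there)`.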
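Review bot: The `tmpfs` entry in the services hunk sets only `uid=2000,gid=2000`, so the mount has no size cap and keeps the default tmpfs permissions. With `read_only: true` it becomes the one writable in-container path of a service that handles hostile traffic, and tmpfs pages are host memory. I would bound and restrict it, e.g. `- /tmp/honeytrap:uid=2000,gid=2000,mode=0700,size=<SIZE_LIMIT>` (placeholder; pick a value that fits the PID file). The numeric ids must match the `honeytrap` account that the CMD's `-u`/`-g` flags switch to; that account is created outside this patch, so confirm it really is 2000:2000. `read_only` also covers the root filesystem only: the bind-mounted `/data/honeytrap/...` volumes stay writable, and the container still runs with `network_mode: "host"` and `NET_ADMIN`.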