From 2e5639a50bfcaa381864a2bca65391be95497f8e Mon Sep 17 00:00:00 2001 From: t3chn0m4g3 Date: Fri, 4 Sep 2020 13:01:21 +0000 Subject: [PATCH] fix links --- CHANGELOG.md | 2 +- README.md | 28 +++++++++--------- bin/change_ews_config.sh | 2 +- cloud/ansible/README.md | 4 +-- .../openstack/roles/install/tasks/main.yaml | 2 +- cloud/terraform/cloud-init.yaml | 2 +- docker/deprecated/elasticpot.old/README.md | 2 +- docker/deprecated/glastopf/README.md | 2 +- docker/heimdall/dist/app/app.sqlite | Bin 229376 -> 229384 bytes docker/p0f/README.md | 11 ------- iso/installer/install.sh | 2 +- iso/preseed/tpot.seed | 2 +- update.sh | 2 +- 13 files changed, 25 insertions(+), 36 deletions(-) delete mode 100644 docker/p0f/README.md diff --git a/CHANGELOG.md b/CHANGELOG.md index 6b572d8d..77cdd191 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -51,7 +51,7 @@ - **Update ISO image to fix upstream bug of missing kernel modules** - **Include dashboards for CitrixHoneypot** - Please run `/opt/tpot/update.sh` for the necessary modifications, omit the reboot and run `/opt/tpot/bin/tped.sh` to (re-)select the NextGen installation type. - - This update requires the latest Kibana objects as well. Download the latest from https://raw.githubusercontent.com/dtag-dev-sec/tpotce/master/etc/objects/kibana_export.json.zip, unzip and import the objects within Kibana WebUI > Management > Saved Objects > Export / Import". All objects will be overwritten upon import, make sure to run an export first. + - This update requires the latest Kibana objects as well. Download the latest from https://raw.githubusercontent.com/telekom-security/tpotce/master/etc/objects/kibana_export.json.zip, unzip and import the objects within Kibana WebUI > Management > Saved Objects > Export / Import". All objects will be overwritten upon import, make sure to run an export first. ## 20200115 - **Prepare integration of CitrixHoneypot** diff --git a/README.md b/README.md index 078e13d5..32c018d8 100644 --- a/README.md 
+++ b/README.md @@ -40,7 +40,7 @@ Furthermore T-Pot includes the following tools # TL;DR 1. Meet the [system requirements](#requirements). The T-Pot installation needs at least 8 GB RAM and 128 GB free disk space as well as a working (outgoing non-filtered) internet connection. -2. Download the T-Pot ISO from [GitHub](https://github.com/dtag-dev-sec/tpotce/releases) or [create it yourself](#createiso). +2. Download the T-Pot ISO from [GitHub](https://github.com/telekom-security/tpotce/releases) or [create it yourself](#createiso). 3. Install the system in a [VM](#vm) or on [physical hardware](#hw) with [internet access](#placement). 4. Enjoy your favorite beverage - [watch](https://sicherheitstacho.eu) and [analyze](#kibana). @@ -132,7 +132,7 @@ The T-Pot project provides all the tools and documentation necessary to build yo The source code and configuration files are fully stored in the T-Pot GitHub repository. The docker images are preconfigured for the T-Pot environment. If you want to run the docker images separately, make sure you study the docker-compose configuration (`/opt/tpot/etc/tpot.yml`) and the T-Pot systemd script (`/etc/systemd/system/tpot.service`), as they provide a good starting point for implementing changes. -The individual docker configurations are located in the [docker folder](https://github.com/dtag-dev-sec/tpotce/tree/master/docker). +The individual docker configurations are located in the [docker folder](https://github.com/telekom-security/tpotce/tree/master/docker). # System Requirements 
@@ -183,18 +183,18 @@ There are prebuilt installation types available each focussing on different aspe # Installation The installation of T-Pot is straight forward and heavily depends on a working, transparent and non-proxied up and running internet connection. Otherwise the installation **will fail!** -Firstly, decide if you want to download the prebuilt installation ISO image from [GitHub](https://github.com/dtag-dev-sec/tpotce/releases), [create it yourself](#createiso) ***or*** [post-install on an existing Debian 10 (Buster)](#postinstall). +Firstly, decide if you want to download the prebuilt installation ISO image from [GitHub](https://github.com/telekom-security/tpotce/releases), [create it yourself](#createiso) ***or*** [post-install on an existing Debian 10 (Buster)](#postinstall). Secondly, decide where you the system to run: [real hardware](#hardware) or in a [virtual machine](#vm)? ## Prebuilt ISO Image -An installation ISO image is available for download (~50MB), which is created by the [ISO Creator](https://github.com/dtag-dev-sec/tpotce) you can use yourself in order to create your own image. It will basically just save you some time downloading components and creating the ISO image. -You can download the prebuilt installation ISO from [GitHub](https://github.com/dtag-dev-sec/tpotce/releases) and jump to the [installation](#vm) section. +An installation ISO image is available for download (~50MB), which is created by the [ISO Creator](https://github.com/telekom-security/tpotce) you can use yourself in order to create your own image. It will basically just save you some time downloading components and creating the ISO image. +You can download the prebuilt installation ISO from [GitHub](https://github.com/telekom-security/tpotce/releases) and jump to the [installation](#vm) section. 
## Create your own ISO Image -For transparency reasons and to give you the ability to customize your install you use the [ISO Creator](https://github.com/dtag-dev-sec/tpotce) that enables you to create your own ISO installation image. +For transparency reasons and to give you the ability to customize your install you use the [ISO Creator](https://github.com/telekom-security/tpotce) that enables you to create your own ISO installation image. **Requirements to create the ISO image:** - Debian 10 as host system (others *may* work, but *remain* untested) @@ -206,7 +206,7 @@ For transparency reasons and to give you the ability to customize your install y 1. Clone the repository and enter it. ``` -git clone https://github.com/dtag-dev-sec/tpotce +git clone https://github.com/telekom-security/tpotce cd tpotce ``` 2. Run the `makeiso.sh` script to build the ISO image. @@ -237,7 +237,7 @@ You can now jump [here](#firstrun). If you decide to run T-Pot on dedicated hardware, just follow these steps: 1. Burn a CD from the ISO image or make a bootable USB stick using the image.
-Whereas most CD burning tools allow you to burn from ISO images, the procedure to create a bootable USB stick from an ISO image depends on your system. There are various Windows GUI tools available, e.g. [this tip](http://www.ubuntu.com/download/desktop/create-a-usb-stick-on-windows) might help you.
On [Linux](http://askubuntu.com/questions/59551/how-to-burn-a-iso-to-a-usb-device) or [MacOS](http://www.ubuntu.com/download/desktop/create-a-usb-stick-on-mac-osx) you can use the tool *dd* or create the USB stick with T-Pot's [ISO Creator](https://github.com/dtag-dev-sec). +Whereas most CD burning tools allow you to burn from ISO images, the procedure to create a bootable USB stick from an ISO image depends on your system. There are various Windows GUI tools available, e.g. [this tip](http://www.ubuntu.com/download/desktop/create-a-usb-stick-on-windows) might help you.
On [Linux](http://askubuntu.com/questions/59551/how-to-burn-a-iso-to-a-usb-device) or [MacOS](http://www.ubuntu.com/download/desktop/create-a-usb-stick-on-mac-osx) you can use the tool *dd* or create the USB stick with T-Pot's [ISO Creator](https://github.com/telekom-security). 2. Boot from the USB stick and install. *Please note*: Limited tests are performed for the Intel NUC platform other hardware platforms **remain untested**. There is no hardware support provided of any kind. @@ -255,7 +255,7 @@ The T-Pot Universal Installer will upgrade the system and install all required T Just follow these steps: ``` -git clone https://github.com/dtag-dev-sec/tpotce +git clone https://github.com/telekom-security/tpotce cd tpotce/iso/installer/ ./install.sh --type=user ``` @@ -269,7 +269,7 @@ You can also let the installer run automatically if you provide your own `tpot.c Just follow these steps while adjusting `tpot.conf` to your needs: ``` -git clone https://github.com/dtag-dev-sec/tpotce +git clone https://github.com/telekom-security/tpotce cd tpotce/iso/installer/ cp tpot.conf.dist tpot.conf ./install.sh --type=auto --conf=tpot.conf @@ -466,7 +466,7 @@ As with every development there is always room for improvements ... Some features may be provided with updated docker images, others may require some hands on from your side. -You are always invited to participate in development on our [GitHub](https://github.com/dtag-dev-sec/tpotce) page. +You are always invited to participate in development on our [GitHub](https://github.com/telekom-security/tpotce) page. # Disclaimer 
@@ -478,18 +478,18 @@ You are always invited to participate in development on our [GitHub](https://git # FAQ -Please report any issues or questions on our [GitHub issue list](https://github.com/dtag-dev-sec/tpotce/issues), so the community can participate. +Please report any issues or questions on our [GitHub issue list](https://github.com/telekom-security/tpotce/issues), so the community can participate. # Contact The software is provided **as is** in a Community Edition format. T-Pot is designed to run out of the box and with zero maintenance involved.
-We hope you understand that we cannot provide support on an individual basis. We will try to address questions, bugs and problems on our [GitHub issue list](https://github.com/dtag-dev-sec/tpotce/issues). +We hope you understand that we cannot provide support on an individual basis. We will try to address questions, bugs and problems on our [GitHub issue list](https://github.com/telekom-security/tpotce/issues). # Licenses The software that T-Pot is built on uses the following licenses.
GPLv2: [conpot](https://github.com/mushorg/conpot/blob/master/LICENSE.txt), [dionaea](https://github.com/DinoTools/dionaea/blob/master/LICENSE), [honeysap](https://github.com/SecureAuthCorp/HoneySAP/blob/master/COPYING), [honeypy](https://github.com/foospidy/HoneyPy/blob/master/LICENSE), [honeytrap](https://github.com/armedpot/honeytrap/blob/master/LICENSE), [suricata](http://suricata-ids.org/about/open-source/) -
GPLv3: [adbhoney](https://github.com/huuck/ADBHoney), [elasticpot](https://gitlab.com/bontchev/elasticpot/-/blob/master/LICENSE), [ewsposter](https://github.com/dtag-dev-sec/ews/), [fatt](https://github.com/0x4D31/fatt/blob/master/LICENSE), [rdpy](https://github.com/citronneur/rdpy/blob/master/LICENSE), [heralding](https://github.com/johnnykv/heralding/blob/master/LICENSE.txt), [ipphoney](https://gitlab.com/bontchev/ipphoney/-/blob/master/LICENSE), [snare](https://github.com/mushorg/snare/blob/master/LICENSE), [tanner](https://github.com/mushorg/snare/blob/master/LICENSE) +
GPLv3: [adbhoney](https://github.com/huuck/ADBHoney), [elasticpot](https://gitlab.com/bontchev/elasticpot/-/blob/master/LICENSE), [ewsposter](https://github.com/telekom-security/ews/), [fatt](https://github.com/0x4D31/fatt/blob/master/LICENSE), [rdpy](https://github.com/citronneur/rdpy/blob/master/LICENSE), [heralding](https://github.com/johnnykv/heralding/blob/master/LICENSE.txt), [ipphoney](https://gitlab.com/bontchev/ipphoney/-/blob/master/LICENSE), [snare](https://github.com/mushorg/snare/blob/master/LICENSE), [tanner](https://github.com/mushorg/snare/blob/master/LICENSE)
Apache 2 License: [cyberchef](https://github.com/gchq/CyberChef/blob/master/LICENSE), [dicompot](https://github.com/nsmfoo/dicompot/blob/master/LICENSE), [elasticsearch](https://github.com/elasticsearch/elasticsearch/blob/master/LICENSE.txt), [logstash](https://github.com/elasticsearch/logstash/blob/master/LICENSE), [kibana](https://github.com/elasticsearch/kibana/blob/master/LICENSE.md), [docker](https://github.com/docker/docker/blob/master/LICENSE), [elasticsearch-head](https://github.com/mobz/elasticsearch-head/blob/master/LICENCE)
MIT license: [ciscoasa](https://github.com/Cymmetria/ciscoasa_honeypot/blob/master/LICENSE), [glutton](https://github.com/mushorg/glutton/blob/master/LICENSE)
Other: [citrixhoneypot](https://github.com/MalwareTech/CitrixHoneypot#licencing-agreement-malwaretech-public-licence), [cowrie](https://github.com/micheloosterhof/cowrie/blob/master/LICENSE.md), [mailoney](https://github.com/awhitehatter/mailoney), [Debian licensing](https://www.debian.org/legal/licenses/) diff --git a/bin/change_ews_config.sh b/bin/change_ews_config.sh index 6f9c25ba..5b660656 100755 --- a/bin/change_ews_config.sh +++ b/bin/change_ews_config.sh @@ -60,7 +60,7 @@ fi echo "" echo "[+] Creating config file with API UserID '$apiUser' and API Token '$apiToken'." echo "[+] Fetching config file from github. Outgoing https requests must be enabled!" -wget -q https://raw.githubusercontent.com/dtag-dev-sec/tpotce/master/docker/ews/dist/ews.cfg -O ews.cfg.dist +wget -q https://raw.githubusercontent.com/telekom-security/tpotce/master/docker/ews/dist/ews.cfg -O ews.cfg.dist if [[ -f "ews.cfg.dist" ]]; then echo "[+] Successfully downloaded ews.cfg from github." else diff --git a/cloud/ansible/README.md b/cloud/ansible/README.md index 15aed061..c517b6df 100644 --- a/cloud/ansible/README.md +++ b/cloud/ansible/README.md @@ -96,7 +96,7 @@ Import your SSH public key. # Clone Git Repository Clone the `tpotce` repository to your Ansible Master: -`git clone https://github.com/dtag-dev-sec/tpotce.git` +`git clone https://github.com/telekom-security/tpotce.git` All Ansible related files are located in the [`cloud/ansible/openstack`](openstack) folder. 
@@ -226,7 +226,7 @@ If you are running on a machine which asks for a sudo password, you can use: The Playbook will first install required packages on the Ansible Master and then deploy a new server instance. After that, T-Pot gets installed and configured on the newly created host, optionally custom configs are applied and finally it reboots. -Once this is done, you can proceed with connecting/logging in to the T-Pot according to the [documentation](https://github.com/dtag-dev-sec/tpotce#ssh-and-web-access). +Once this is done, you can proceed with connecting/logging in to the T-Pot according to the [documentation](https://github.com/telekom-security/tpotce#ssh-and-web-access). # Further documentation diff --git a/cloud/ansible/openstack/roles/install/tasks/main.yaml b/cloud/ansible/openstack/roles/install/tasks/main.yaml index 40977347..173c4f08 100644 --- a/cloud/ansible/openstack/roles/install/tasks/main.yaml +++ b/cloud/ansible/openstack/roles/install/tasks/main.yaml @@ -6,7 +6,7 @@ - name: Cloning T-Pot install directory git: - repo: "https://github.com/dtag-dev-sec/tpotce.git" + repo: "https://github.com/telekom-security/tpotce.git" dest: /root/tpot - name: Prepare to set user password diff --git a/cloud/terraform/cloud-init.yaml b/cloud/terraform/cloud-init.yaml index 123e1612..18d6621a 100644 --- a/cloud/terraform/cloud-init.yaml +++ b/cloud/terraform/cloud-init.yaml @@ -5,7 +5,7 @@ packages: - git runcmd: - - git clone https://github.com/dtag-dev-sec/tpotce /root/tpot + - git clone https://github.com/telekom-security/tpotce /root/tpot - /root/tpot/iso/installer/install.sh --type=auto --conf=/root/tpot.conf - rm /root/tpot.conf - /sbin/shutdown -r now diff --git a/docker/deprecated/elasticpot.old/README.md b/docker/deprecated/elasticpot.old/README.md index cbe64597..ac61f101 100644 --- a/docker/deprecated/elasticpot.old/README.md +++ b/docker/deprecated/elasticpot.old/README.md 
@@ -4,7 +4,7 @@ [elasticpot](https://github.com/schmalle/ElasticPot) is a simple elastic search honeypot. -This dockerized version is part of the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** of Deutsche Telekom AG. +This dockerized version is part of the **[T-Pot community honeypot](http://telekom-security.github.io/)** of Deutsche Telekom AG. The `Dockerfile` contains the blueprint for the dockerized elasticpot and will be used to setup the docker image. diff --git a/docker/deprecated/glastopf/README.md b/docker/deprecated/glastopf/README.md index 166c6998..180926a8 100644 --- a/docker/deprecated/glastopf/README.md +++ b/docker/deprecated/glastopf/README.md @@ -4,7 +4,7 @@ [glastopf](https://github.com/mushorg/glastopf) is a python web application honeypot. -This dockerized version is part of the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** of Deutsche Telekom AG. +This dockerized version is part of the **[T-Pot community honeypot](http://telekom-security.github.io/)** of Deutsche Telekom AG. The `Dockerfile` contains the blueprint for the dockerized glastopf and will be used to setup the docker image. diff --git a/docker/heimdall/dist/app/app.sqlite b/docker/heimdall/dist/app/app.sqlite index 5447bd064b8f380ffa4e7a38f75ce1843fc76401..827ac16dea4b9247e4696991367d25d6c24c246c 100755 GIT binary patch delta 65 zcmZo@;Ol7M+c3*opd>XXH9J37w>UMqv?#Nra`Q54U1ki?=KFT-_w5*gm}&ccJ7z^k E08rT(-T(jq delta 57 zcmeBZ;A?2$+c3+TC#57YT{k7QOt&~SdGji3U1k)K=I3_p&+Qn2m}&cSJ7z^k0B;Nx Awg3PC diff --git a/docker/p0f/README.md b/docker/p0f/README.md deleted file mode 100644 index c3af5e3c..00000000 --- a/docker/p0f/README.md +++ /dev/null 
@@ -1,11 +0,0 @@ -[![](https://images.microbadger.com/badges/version/dtagdevsec/p0f:1804.svg)](https://microbadger.com/images/dtagdevsec/p0f:1804 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/dtagdevsec/p0f:1804.svg)](https://microbadger.com/images/dtagdevsec/p0f:1804 "Get your own image badge on microbadger.com") - -# p0f - -[p0f](http://lcamtuf.coredump.cx/p0f3/) P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. - -This dockerized version is part of the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** of Deutsche Telekom AG. - -The `Dockerfile` contains the blueprint for the dockerized p0f and will be used to setup the docker image. - -The `docker-compose.yml` contains the necessary settings to test p0f using `docker-compose`. This will ensure to start the docker container with the appropriate permissions and port mappings. diff --git a/iso/installer/install.sh b/iso/installer/install.sh index fc43b8f5..d9bdde57 100755 --- a/iso/installer/install.sh +++ b/iso/installer/install.sh @@ -704,7 +704,7 @@ hash -r if ! [ "$myTPOT_DEPLOYMENT_TYPE" == "iso" ]; then fuBANNER "Cloning T-Pot" - git clone https://github.com/dtag-dev-sec/tpotce /opt/tpot + git clone https://github.com/telekom-security/tpotce /opt/tpot fi # Let's create the T-Pot user diff --git a/iso/preseed/tpot.seed b/iso/preseed/tpot.seed index 11f8b1a8..4a8262d1 100755 --- a/iso/preseed/tpot.seed +++ b/iso/preseed/tpot.seed 
@@ -131,7 +131,7 @@ in-target apt-get -y install grub-pc; \ in-target grub-install --force $(debconf-get partman-auto/disk); \ update-dev; \ in-target update-grub; \ -in-target git clone --depth=1 https://github.com/dtag-dev-sec/tpotce /opt/tpot; \ +in-target git clone --depth=1 https://github.com/telekom-security/tpotce /opt/tpot; \ in-target sed -i 's/allow-hotplug/auto/g' /etc/network/interfaces; \ #in-target apt-get -y remove exim4-base; \ #in-target apt-get -y autoremove; \ diff --git a/update.sh b/update.sh index f2032674..453af2ea 100755 --- a/update.sh +++ b/update.sh @@ -266,7 +266,7 @@ echo "### If you made changes to tpot.yml please ensure to add them again." echo "### We stored the previous version as backup in /root/." echo "### Some updates may need an import of the latest Kibana objects as well." echo "### Download the latest objects here if they recently changed:" -echo "### https://raw.githubusercontent.com/dtag-dev-sec/tpotce/master/etc/objects/kibana_export.json.zip" +echo "### https://raw.githubusercontent.com/telekom-security/tpotce/master/etc/objects/kibana_export.ndjson.zip" echo "### Export and import the objects easily through the Kibana WebUI:" echo "### Go to Kibana > Management > Saved Objects > Export / Import" echo "### Or use the command:"
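Review bot: in the README.md hunk at line 237 (hardware installation, step 1) the ISO Creator link is rewritten to `https://github.com/telekom-security`, which is the organisation page, while every other ISO Creator link in this patch points to `https://github.com/telekom-security/tpotce`. Point this one at the repository as well so the reader lands on the tool the sentence names.
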
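Review bot: in the README.md hunk at line 478 the GPLv3 line being edited links `tanner` to `https://github.com/mushorg/snare/blob/master/LICENSE`, the same URL used for `snare` just before it. Since this line is already being touched for the `ewsposter` link, point the `tanner` entry at tanner's own licence file in the same change.
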
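Review bot: in bin/change_ews_config.sh the check that follows the changed `wget` line, `if [[ -f "ews.cfg.dist" ]]`, does not detect a failed download, because `wget -O` creates the output file before the transfer and leaves it empty when the request fails. With a URL that has just moved, test wget's exit status or use `-s` instead of `-f` so a dead link is reported rather than an empty config being accepted. The context line above also echoes `$apiToken` to the terminal, where it can end up in scrollback or session logs; printing only the user ID would avoid that.
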
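Review bot: in cloud/terraform/cloud-init.yaml the changed `runcmd` entry clones the default branch of the new repository and the next entry executes `/root/tpot/iso/installer/install.sh` from that checkout, with no tag or commit pinned. As the source organisation changes here, consider cloning a release tag or checking out a known commit so a deployment installs a reviewed revision. The same point applies to the clone lines changed in iso/installer/install.sh, iso/preseed/tpot.seed and the Ansible `git:` task.
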
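Review bot: the docker/heimdall/dist/app/app.sqlite change is a GIT binary patch (229376 -> 229384 bytes), so what was edited inside the database cannot be reviewed from this diff. Please state in the commit message which entries were changed, or generate the database from a text source that can be diffed.
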
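Review bot: docker/p0f/README.md is deleted in full rather than having its `dtag-dev-sec` link updated, which the subject "fix links" does not describe. If the removal is intended, say so in the commit message or move it to its own commit so the history shows why the file went away.
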
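Review bot: in the update.sh hunk the replaced `echo` line changes more than the organisation: the file name goes from `kibana_export.json.zip` to `kibana_export.ndjson.zip`, while the CHANGELOG.md hunk in this same patch still points at `kibana_export.json.zip` under the new organisation. One of the two is likely to be a dead link. Please confirm which file exists under `etc/objects/`, make both references agree, and mention the rename in the commit message.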