diff --git a/installer/bin/check.sh b/installer/bin/check.sh
new file mode 100755
index 00000000..e147dd69
--- /dev/null
+++ b/installer/bin/check.sh
@@ -0,0 +1,42 @@
+#!/bin/bash
+
+########################################################
+# T-Pot Community Edition                              #
+# Check container and services script                  #
+#                                                      #
+# v0.10 by mo, DTAG, 2015-01-27                        #
+########################################################
+
+if [ -f /var/run/check.lock ];
+  then exit
+fi
+
+touch /var/run/check.lock
+
+myUPTIME=$(awk '{print int($1/60)}' /proc/uptime)
+for i in dionaea elk ews glastopf honeytrap kippo suricata
+do 
+  myCIDSTATUS=$(docker exec -i $i supervisorctl status)
+  if [ $? -ne 0 ]; then
+    myCIDSTATUS=1 
+  else 
+    myCIDSTATUS=$(echo $myCIDSTATUS | egrep -c "(STOPPED|FATAL)")
+  fi
+  if [ $myCIDSTATUS -gt 0 ]; then
+    if [ $myUPTIME -gt 5 ]; then
+      service docker stop
+      docker rm $(docker ps -aq)
+      service docker start
+      for j in dionaea glastopf honeytrap kippo suricata ews elk
+      do
+        sleep 10
+        service $j start
+      done
+      rm /var/run/check.lock
+      exit 0
+    fi
+  fi
+done
+
+rm /var/run/check.lock
+
diff --git a/installer/bin/status.sh b/installer/bin/status.sh
new file mode 100755
index 00000000..7a72c0b3
--- /dev/null
+++ b/installer/bin/status.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+########################################################
+# T-Pot Community Edition                              #
+# Container and services status script                 #
+#                                                      #
+# v0.10 by mo, DTAG, 2015-01-27                        #
+########################################################
+myCOUNT=1
+while true
+do 
+  if ! [ -f /var/run/check.lock ];
+    then break
+  fi
+  sleep 0.1
+  if [ $myCOUNT = 1 ];
+    then
+      echo -n "Waiting for services "
+    else echo -n .
+  fi
+  myCOUNT=$[$myCOUNT +1]
+done
+echo
+echo
+echo "****************** $(date) ******************"
+echo
+echo
+for i in dionaea elk ews glastopf honeytrap kippo suricata
+do 
+  echo "======| Container:" $i "|======"
+  docker exec -i $i supervisorctl status | GREP_COLORS='mt=01;32' egrep --color=always "(RUNNING)|$" | GREP_COLORS='mt=01;31' egrep --color=always "(STOPPED|FATAL)|$"
+  echo
+done
diff --git a/installer/etc/issue b/installer/etc/issue
new file mode 100644
index 00000000..99a2e813
--- /dev/null
+++ b/installer/etc/issue
@@ -0,0 +1,16 @@
+T-Pot Community Edition (Beta)
+Hostname: \n 
+IP: 10.4.122.95
+
+
+___________     _____________________________
+\\__    ___/     \\______   \\_____  \\__    ___/
+  |    |  ______ |     ___//   |   \\|    |
+  |    | /_____/ |    |   /    |    \\    |
+  |____|         |____|   \\_______  /____|
+                                  \\/
+
+
+CTRL+ALT+F2 - Display current container status
+CTRL+ALT+F1 - Return to this screen
+
diff --git a/installer/home/2fa_enable.sh b/installer/home/2fa_enable.sh
new file mode 100755
index 00000000..e3c8e409
--- /dev/null
+++ b/installer/home/2fa_enable.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+########################################################
+# T-Pot Community Edition                              #
+# Two-Factor authentication enable script              #
+#                                                      #
+# v0.20 by mo, DTAG, 2015-01-27                        #
+########################################################
+
+echo "### This script will enable Two-Factor-Authentication based on Google Authenticator for SSH."
+while true 
+do
+  echo -n "### Do you want to continue (y/n)? "; read myANSWER;
+  case $myANSWER in
+    n)
+      echo "### Exiting."
+      exit 0;
+      ;;
+    y)
+      break
+      ;;
+  esac
+done
+if [ -f /etc/pam.d/sshd.bak ];
+  then echo "### Already enabled. Exiting."
+  exit 1;
+fi
+sudo sed -i.bak '\# PAM#aauth required pam_google_authenticator.so' /etc/pam.d/sshd
+sudo sed -i.bak 's#ChallengeResponseAuthentication no#ChallengeResponseAuthentication yes#' /etc/ssh/sshd_config
+google-authenticator -t -d -f -r 3 -R 30 -w 21
+echo "### Please do not forget to run the ssh_enable script."
diff --git a/installer/home/ssh_enable.sh b/installer/home/ssh_enable.sh
new file mode 100755
index 00000000..5c97efc8
--- /dev/null
+++ b/installer/home/ssh_enable.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+########################################################
+# T-Pot Community Edition                              #
+# SSH enable script                                    #
+#                                                      #
+# v0.21 by mo, DTAG, 2015-01-27                        #
+########################################################
+
+if ! [ -f /etc/init/ssh.override ];
+  then echo "### SSH is already enabled. Exiting."
+  exit 1;
+fi
+
+echo "### This script will enable the ssh service (default port tcp/64295)."
+echo "### Password authentication is disabled by default."
+
+while true 
+do
+  echo -n "### Do you want to continue (y/n)? "; read myANSWER;
+  case $myANSWER in
+    n)
+      echo "### Exiting."
+      exit 0;
+      ;;
+    y)
+      break
+      ;;
+  esac
+done
+sudo rm /etc/init/ssh.override
+sudo service ssh start
diff --git a/installer/install1.sh b/installer/install1.sh
index b502ec57..5682f884 100755
--- a/installer/install1.sh
+++ b/installer/install1.sh
@@ -4,7 +4,7 @@
 #                           and consoleblank permanently    #
 # Ubuntu server 14.04.1, x64                                #
 #                                                           #
-# v0.07 by mo, DTAG, 2015-01-20                             #
+# v0.10 by mo, DTAG, 2015-01-20                             #
 #############################################################
 
 # Let's replace "quiet splash" options and update grub
diff --git a/installer/install2.sh b/installer/install2.sh
index 26b2515e..a7b19a74 100755
--- a/installer/install2.sh
+++ b/installer/install2.sh
@@ -3,7 +3,7 @@
 # T-Pot Community Edition post install script          #
 # Ubuntu server 14.04, x64                             #
 #                                                      #
-# v0.21 by mo, DTAG, 2015-01-22                        #
+# v0.30 by mo, DTAG, 2015-01-27                        #
 ########################################################
 
 # Let's make sure there is a warning if running for a second time
@@ -55,15 +55,18 @@ adduser --system --no-create-home --uid 2000 --disabled-password --disabled-logi
 fuECHO "### Creating some files and folders."
 mkdir -p /data/ews/log /data/ews/conf /data/elk/data /data/elk/log
 
-# Let's modify the ownership / access rights
+# Let's modify some ownership / access rights
 chmod 760 -R /data
 chown tpot:tpot -R /data
 
+chmod 700 /home/tsec/*.sh
+chown tsec:tsec /home/tsec/*.sh
+
 # Let's set the hostname
 fuECHO "### Setting a new hostname."
 myHOST=ce$(date +%s)$RANDOM
 hostnamectl set-hostname $myHOST
-sed -i 's/127.0.1.1.*/127.0.1.1\t'"$myHOST"'/g' /etc/hosts
+sed -i 's#127.0.1.1.*#127.0.1.1\t'"$myHOST"'#g' /etc/hosts
 
 # Let's patch sshd_config
 fuECHO "### Patching sshd_config to listen on port 64295 and deny password authentication."
@@ -71,67 +74,7 @@ sed -i 's#Port 22#Port 64295#' /etc/ssh/sshd_config
 sed -i 's#\#PasswordAuthentication yes#PasswordAuthentication no#' /etc/ssh/sshd_config
 
 # Let's disable ssh service
-mv /etc/init/ssh.conf /etc/init/ssh.conf.disable
-
-# Let's create the 2FA enable script
-fuECHO "### Creating 2FA enable script."
-tee /home/tsec/2fa_enable.sh <<EOF
-#!/bin/bash
-echo "### This script will enable Two-Factor-Authentication based on Google Authenticator for SSH."
-while true 
-do
-  echo -n "### Do you want to continue (y/n)? "; read myANSWER;
-  case \$myANSWER in
-    n)
-      echo "### Exiting."
-      exit 0;
-      ;;
-    y)
-      break
-      ;;
-  esac
-done
-if [ -f /etc/pam.d/sshd.bak ];
-  then echo "### Already enabled. Exiting."
-  exit 1;
-fi
-sudo sed -i.bak '\# PAM#aauth required pam_google_authenticator.so' /etc/pam.d/sshd
-sudo sed -i.bak 's#ChallengeResponseAuthentication no#ChallengeResponseAuthentication yes#' /etc/ssh/sshd_config
-google-authenticator -t -d -f -r 3 -R 30 -w 21
-echo "### Please do not forget to run the ssh_enable script."
-EOF
-chmod 700 /home/tsec/2fa_enable.sh
-chown tsec:tsec /home/tsec/2fa_enable.sh
-
-# Let's create the ssh enable script
-fuECHO "### Creating ssh enable script."
-tee /home/tsec/ssh_enable.sh <<EOF
-#!/bin/bash
-echo "### This script will enable the ssh service (default port tcp/64295)."
-echo "### Password authentication is disabled by default."
-while true 
-do
-  echo -n "### Do you want to continue (y/n)? "; read myANSWER;
-  case \$myANSWER in
-    n)
-      echo "### Exiting."
-      exit 0;
-      ;;
-    y)
-      break
-      ;;
-  esac
-done
-if [ -f /etc/init/ssh.conf ];
-  then echo "### Already enabled. Exiting."
-  exit 1;
-fi
-sudo mv /etc/init/ssh.conf.disable /etc/init/ssh.conf
-sudo service ssh start
-EOF
-chmod 700 /home/tsec/ssh_enable.sh
-chown tsec:tsec /home/tsec/ssh_enable.sh
-
+echo "manual" >> /etc/init/ssh.override
 
 # Let's patch docker defaults, so we can run images as service
 fuECHO "### Patching docker defaults."
@@ -139,144 +82,6 @@ tee -a /etc/default/docker <<EOF
 DOCKER_OPTS="-r=false"
 EOF
 
-# Let's create an upstart config for the dionaea docker image
-fuECHO "### Adding upstart config for the dionaea docker image."
-tee /etc/init/dionaea.conf <<EOF
-description "Dionaea"
-author "mo"
-start on started docker and filesystem
-stop on runlevel [!2345]
-respawn
-script
-  sleep 1
-  /usr/bin/docker run --name dionaea --cap-add=NET_BIND_SERVICE --rm=true -p 21:21 -p 42:42 -p 8080:80 -p 135:135 -p 443:443 -p 445:445 -p 1433:1433 -p 3306:3306 -p 5061:5061 -p 5060:5060 -p 69:69/udp -p 5060:5060/udp -v /data/dionaea dtagdevsec/dionaea
-end script
-post-stop script
-  sleep 1
-  /usr/bin/docker rm dionaea
-end script
-EOF
-
-# Let's create an upstart config for the elk docker image
-fuECHO "### Adding upstart config for the elk docker image."
-tee /etc/init/elk.conf <<EOF
-description "ELK"
-author "mo"
-start on started docker and filesystem and started suricata and started ews
-stop on runlevel [!2345]
-respawn
-script
-  sleep 1 
-  /usr/bin/docker run --name=elk --volumes-from ews --volumes-from suricata -v /data/elk/:/data/elk/ -p 127.0.0.1:64296:80 --rm=true dtagdevsec/elk
-end script
-post-stop script
-  sleep 1
-  /usr/bin/docker rm elk 
-end script
-EOF
-
-# Let's create an upstart config for the ews docker image
-fuECHO "### Adding upstart config for the ews docker image."
-tee /etc/init/ews.conf <<EOF
-description "EWS"
-author "mo"
-start on started docker and filesystem and started dionaea and started honeytrap and started kippo and started glastopf
-stop on runlevel [!2345]
-respawn
-script
-  sleep 15 
-  /usr/bin/docker run --name ews --volumes-from dionaea --volumes-from glastopf --volumes-from honeytrap --volumes-from kippo --rm=true -v /data/ews/:/data/ews/ --link kippo:kippo dtagdevsec/ews
-end script
-post-stop script
-  sleep 1
-  /usr/bin/docker rm ews
-end script
-EOF
-
-# Let's create an upstart config for the glastopf docker image
-fuECHO "### Adding upstart config for the glastopf docker image."
-tee /etc/init/glastopf.conf <<EOF
-description "Glastopf"
-author "mo"
-start on started docker and filesystem
-stop on runlevel [!2345]
-respawn
-script
-  sleep 1
-  /usr/bin/docker run --name glastopf --rm=true -p 80:80 -v /data/glastopf dtagdevsec/glastopf 
-end script
-post-stop script
-  sleep 1
-  /usr/bin/docker rm glastopf
-end script
-EOF
-
-# Let's create an upstart config for the honeytrap docker image
-fuECHO "### Adding upstart config for the honeytrap docker image."
-tee /etc/init/honeytrap.conf <<EOF
-description "Honeytrap"
-author "mo"
-start on started docker and filesystem
-stop on runlevel [!2345]
-respawn
-pre-start script
-  sleep 1
-  /sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 21,22,42,80,135,443,445,1433,3306,5060,5061,64295,64296 -j NFQUEUE
-end script
-script
-  sleep 1
-  /usr/bin/docker run --name honeytrap --cap-add=NET_ADMIN --net=host --rm=true -v /data/honeytrap dtagdevsec/honeytrap
-end script
-post-stop script
-  sleep 1
-  /sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 21,22,42,80,135,443,445,1433,3306,5060,5061,64295,64296 -j NFQUEUE
-  /usr/bin/docker rm honeytrap
-end script
-EOF
-
-# Let's create an upstart config for the kippo docker image
-fuECHO "### Adding upstart config for the kippo docker image."
-tee /etc/init/kippo.conf <<EOF
-description "Kippo"
-author "mo"
-start on started docker and filesystem
-stop on runlevel [!2345]
-respawn
-script
-  sleep 1 
-  /usr/bin/docker run --name kippo --rm=true -p 22:2222 -v /data/kippo dtagdevsec/kippo 
-end script
-post-stop script
-  sleep 1
-  /usr/bin/docker rm kippo
-end script
-EOF
-
-# Let's create an upstart config for the suricata docker image
-fuECHO "### Adding upstart config for the suricata docker image."
-tee /etc/init/suricata.conf <<EOF
-description "Suricata"
-author "mo"
-start on started docker and filesystem
-stop on runlevel [!2345]
-respawn
-pre-start script
-  sleep 1
-  myIF=\$(route | grep default | awk '{ print \$8 }')
-  /sbin/ethtool --offload \$myIF rx off tx off
-  /sbin/ethtool -K \$myIF gso off gro off
-  /sbin/ip link set \$myIF promisc on
-end script
-script
-  sleep 1
-  /usr/bin/docker run --name suricata --cap-add=NET_ADMIN --net=host --rm=true -v /data/suricata/ dtagdevsec/suricata 
-end script
-post-stop script
-  sleep 1
-  /usr/bin/docker rm suricata
-end script
-EOF
-
 # Let's load docker images from remote
 fuECHO "### Downloading docker images from DockerHub. Please be patient, this may take a while."
 for name in dionaea elk ews glastopf honeytrap kippo suricata
@@ -292,39 +97,26 @@ APT::Periodic::Download-Upgradeable-Packages "0";
 APT::Periodic::AutocleanInterval "7";
 EOF
 
-# Let's add "docker ps" output to /dev/tty2 every 60s
-fuECHO "### Adding useful docker output to tty2"
+# Let's add some conrjobs
+fuECHO "### Adding cronjobs."
 tee -a /etc/crontab <<EOF
 
 # Show running containers every 60s via /dev/tty2
-*/1 * * * * root echo > /dev/tty2; date > /dev/tty2; docker ps > /dev/tty2; echo > /dev/tty2
-EOF
-
-# Let's add a nice and useful issue text and update rc.local accordingly
-fuECHO "### Adding a nice and useful issue text and updating rc.local accordingly."
-tee /etc/issue <<EOF
-T-Pot Community Edition
-Hostname: \n 
-IP:
-
-
-___________     _____________________________
-\\\__    ___/     \\\______   \\\_____  \\\__    ___/
-  |    |  ______ |     ___//   |   \\\|    |
-  |    | /_____/ |    |   /    |    \\\    |
-  |____|         |____|   \\\_______  /____|
-                                  \\\/
-
-
-CTRL+ALT+F2 - Display current container status
-CTRL+ALT+F1 - Return to this screen
-
+*/2 * * * * root /usr/bin/status.sh 2 > /dev/tty2 
+
+# Check if containers and services are up
+*/5 * * * * root /usr/bin/check.sh
 EOF
 
+# Let's update rc.local
+fuECHO "### Updating rc.local."
 tee /etc/rc.local.new <<EOF
 #!/bin/sh -e
 # Let's add the first local ip to the /etc/issue file
 sed -i "s#IP:.*#IP: \$(hostname -I | awk '{ print \$1 }')#" /etc/issue
+if [ -f /var/run/check.lock ];
+  then rm /var/run/check.lock
+fi
 setupcon
 exit 0
 EOF
@@ -333,4 +125,6 @@ chmod +x /etc/rc.local.new
 
 # Final steps
 fuECHO "### Thanks for your patience. Now rebooting."
+mv /root/upstart/*.conf /etc/init/
+rm -rf /root/upstart/
 mv /etc/rc.local.new /etc/rc.local && chage -d 0 tsec && sleep 2 && reboot
diff --git a/installer/upstart/dionaea.conf b/installer/upstart/dionaea.conf
new file mode 100644
index 00000000..b2000bd4
--- /dev/null
+++ b/installer/upstart/dionaea.conf
@@ -0,0 +1,24 @@
+########################################################
+# T-Pot Community Edition                              #
+# Dionaea upstart script                               #
+#                                                      #
+# v0.50 by mo, DTAG, 2015-01-27                        #
+########################################################
+
+description "Dionaea"
+author "mo"
+start on started docker and filesystem
+stop on runlevel [!2345]
+respawn
+pre-start script
+  # Remove any existing dionaea containers
+  myCID=$(docker ps -a | grep dionaea | awk '{ print $1 }')
+  if [ "$myCID" != "" ];
+    then docker rm $myCID;
+  fi
+end script
+script
+  # Delayed start to avoid rapid respawning
+  sleep $(((RANDOM % 5)+5)) 
+  /usr/bin/docker run --name dionaea --cap-add=NET_BIND_SERVICE --rm=true -p 21:21 -p 42:42 -p 8080:80 -p 135:135 -p 443:443 -p 445:445 -p 1433:1433 -p 3306:3306 -p 5061:5061 -p 5060:5060 -p 69:69/udp -p 5060:5060/udp -v /data/dionaea dtagdevsec/dionaea
+end script
diff --git a/installer/upstart/docker.conf b/installer/upstart/docker.conf
new file mode 100644
index 00000000..f9930bd3
--- /dev/null
+++ b/installer/upstart/docker.conf
@@ -0,0 +1,58 @@
+description "Docker daemon"
+
+start on (local-filesystems and net-device-up IFACE!=lo)
+stop on runlevel [!2345]
+limit nofile 524288 1048576
+limit nproc 524288 1048576
+
+respawn
+
+pre-start script
+	# see also https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount
+	if grep -v '^#' /etc/fstab | grep -q cgroup \
+		|| [ ! -e /proc/cgroups ] \
+		|| [ ! -d /sys/fs/cgroup ]; then
+		exit 0
+	fi
+	if ! mountpoint -q /sys/fs/cgroup; then
+		mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup
+	fi
+	(
+		cd /sys/fs/cgroup
+		for sys in $(awk '!/^#/ { if ($4 == 1) print $1 }' /proc/cgroups); do
+			mkdir -p $sys
+			if ! mountpoint -q $sys; then
+				if ! mount -n -t cgroup -o $sys cgroup $sys; then
+					rmdir $sys || true
+				fi
+			fi
+		done
+	)
+end script
+
+script
+	# modify these in /etc/default/$UPSTART_JOB (/etc/default/docker)
+	DOCKER=/usr/bin/$UPSTART_JOB
+	DOCKER_OPTS=
+	if [ -f /etc/default/$UPSTART_JOB ]; then
+		. /etc/default/$UPSTART_JOB
+	fi
+	exec "$DOCKER" -d $DOCKER_OPTS
+end script
+
+# Don't emit "started" event until docker.sock is ready.
+# See https://github.com/docker/docker/issues/6647
+post-start script
+	DOCKER_OPTS=
+	if [ -f /etc/default/$UPSTART_JOB ]; then
+		. /etc/default/$UPSTART_JOB
+	fi
+	if ! printf "%s" "$DOCKER_OPTS" | grep -qE -e '-H|--host'; then
+		while ! [ -e /var/run/docker.sock ]; do
+			initctl status $UPSTART_JOB | grep -q "stop/" && exit 1
+			echo "Waiting for /var/run/docker.sock"
+			sleep 0.1
+		done
+		echo "/var/run/docker.sock is up"
+	fi
+end script
diff --git a/installer/upstart/elk.conf b/installer/upstart/elk.conf
new file mode 100644
index 00000000..a8a118af
--- /dev/null
+++ b/installer/upstart/elk.conf
@@ -0,0 +1,24 @@
+########################################################
+# T-Pot Community Edition                              #
+# ELK upstart script                                   #
+#                                                      #
+# v0.50 by mo, DTAG, 2015-01-27                        #
+########################################################
+
+description "ELK"
+author "mo"
+start on started docker and filesystem
+stop on runlevel [!2345]
+respawn
+pre-start script
+  # Remove any existing elk containers
+  myCID=$(docker ps -a | grep elk | awk '{ print $1 }')
+  if [ "$myCID" != "" ];
+    then docker rm $myCID;
+  fi
+end script
+script
+  # Delayed start to avoid rapid respawning 
+  sleep $(((RANDOM % 5)+5)) 
+  /usr/bin/docker run --name=elk --volumes-from ews --volumes-from suricata -v /data/elk/:/data/elk/ -p 127.0.0.1:64296:80 --rm=true dtagdevsec/elk
+end script
diff --git a/installer/upstart/ews.conf b/installer/upstart/ews.conf
new file mode 100644
index 00000000..5bae4e6d
--- /dev/null
+++ b/installer/upstart/ews.conf
@@ -0,0 +1,24 @@
+########################################################
+# T-Pot Community Edition                              #
+# EWS upstart script                                   #
+#                                                      #
+# v0.50 by mo, DTAG, 2015-01-27                        #
+########################################################
+
+description "EWS"
+author "mo"
+start on started docker and filesystem
+stop on runlevel [!2345]
+respawn
+pre-start script
+  # Remove any existing ews containers
+  myCID=$(docker ps -a | grep ews | awk '{ print $1 }')
+  if [ "$myCID" != "" ];
+    then docker rm $myCID;
+  fi
+end script
+script
+  # Delayed start to avoid rapid respawning
+  sleep $(((RANDOM % 5)+5)) 
+  /usr/bin/docker run --name ews --volumes-from dionaea --volumes-from glastopf --volumes-from honeytrap --volumes-from kippo --rm=true -v /data/ews/:/data/ews/ --link kippo:kippo dtagdevsec/ews
+end script
diff --git a/installer/upstart/glastopf.conf b/installer/upstart/glastopf.conf
new file mode 100644
index 00000000..06840bed
--- /dev/null
+++ b/installer/upstart/glastopf.conf
@@ -0,0 +1,24 @@
+########################################################
+# T-Pot Community Edition                              #
+# Glastopf upstart script                              #
+#                                                      #
+# v0.50 by mo, DTAG, 2015-01-27                        #
+########################################################
+
+description "Glastopf"
+author "mo"
+start on started docker and filesystem
+stop on runlevel [!2345]
+respawn
+pre-start script
+  # Remove any existing glastopf containers
+  myCID=$(docker ps -a | grep glastopf | awk '{ print $1 }')
+  if [ "$myCID" != "" ];
+    then docker rm $myCID;
+  fi
+end script
+script
+  # Delayed start to avoid rapid respawning
+  sleep $(((RANDOM % 5)+5)) 
+  /usr/bin/docker run --name glastopf --rm=true -p 80:80 -v /data/glastopf dtagdevsec/glastopf 
+end script
diff --git a/installer/upstart/honeytrap.conf b/installer/upstart/honeytrap.conf
new file mode 100644
index 00000000..64743ba0
--- /dev/null
+++ b/installer/upstart/honeytrap.conf
@@ -0,0 +1,28 @@
+########################################################
+# T-Pot Community Edition                              #
+# Honeytrap upstart script                             #
+#                                                      #
+# v0.50 by mo, DTAG, 2015-01-27                        #
+########################################################
+
+description "Honeytrap"
+author "mo"
+start on started docker and filesystem
+stop on runlevel [!2345]
+respawn
+pre-start script
+  # Remove any existing honeytrap containers
+  myCID=$(docker ps -a | grep honeytrap | awk '{ print $1 }')
+  if [ "$myCID" != "" ];
+    then docker rm $myCID;
+  fi
+  /sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 21,22,42,80,135,443,445,1433,3306,5060,5061,64295,64296 -j NFQUEUE
+end script
+script
+  # Delayed start to avoid rapid respawning
+  sleep $(((RANDOM % 5)+5)) 
+  /usr/bin/docker run --name honeytrap --cap-add=NET_ADMIN --net=host --rm=true -v /data/honeytrap dtagdevsec/honeytrap
+end script
+post-stop script
+  /sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 21,22,42,80,135,443,445,1433,3306,5060,5061,64295,64296 -j NFQUEUE
+end script
diff --git a/installer/upstart/kippo.conf b/installer/upstart/kippo.conf
new file mode 100644
index 00000000..5655f840
--- /dev/null
+++ b/installer/upstart/kippo.conf
@@ -0,0 +1,24 @@
+########################################################
+# T-Pot Community Edition                              #
+# Kippo upstart script                                 #
+#                                                      #
+# v0.50 by mo, DTAG, 2015-01-27                        #
+########################################################
+
+description "Kippo"
+author "mo"
+start on started docker and filesystem
+stop on runlevel [!2345]
+respawn
+pre-start script
+  # Remove any existing kippo containers
+  myCID=$(docker ps -a | grep kippo | awk '{ print $1 }')
+  if [ "$myCID" != "" ];
+    then docker rm $myCID;
+  fi
+end script
+script
+  # Delayed start to avoid rapid respawning
+  sleep $(((RANDOM % 5)+5)) 
+  /usr/bin/docker run --name kippo --rm=true -p 22:2222 -v /data/kippo dtagdevsec/kippo 
+end script
diff --git a/installer/upstart/suricata.conf b/installer/upstart/suricata.conf
new file mode 100644
index 00000000..cbdb4428
--- /dev/null
+++ b/installer/upstart/suricata.conf
@@ -0,0 +1,28 @@
+########################################################
+# T-Pot Community Edition                              #
+# Suricata upstart script                              #
+#                                                      #
+# v0.50 by mo, DTAG, 2015-01-27                        #
+########################################################
+
+description "Suricata"
+author "mo"
+start on started docker and filesystem
+stop on runlevel [!2345]
+respawn
+pre-start script
+  # Remove any existing suricata containers
+  myCID=$(docker ps -a | grep suricata | awk '{ print $1 }')
+  if [ "$myCID" != "" ];
+    then docker rm $myCID;
+  fi
+  myIF=$(route | grep default | awk '{ print $8 }')
+  /sbin/ethtool --offload $myIF rx off tx off
+  /sbin/ethtool -K $myIF gso off gro off
+  /sbin/ip link set $myIF promisc on
+end script
+script
+  # Delayed start to avoid rapid respawning
+  sleep $(((RANDOM % 5)+5)) 
+  /usr/bin/docker run --name suricata --cap-add=NET_ADMIN --net=host --rm=true -v /data/suricata/ dtagdevsec/suricata 
+end script
diff --git a/makeiso.sh b/makeiso.sh
index 8059d7cb..dbfd18e2 100755
--- a/makeiso.sh
+++ b/makeiso.sh
@@ -1,9 +1,10 @@
 #!/bin/bash
+
 ########################################################
-# .iso maker for tpotce                                #
+# T-Pot Community Edition                              #
+# .ISO maker                                           #
 #                                                      #
-#                                                      #
-# v0.04 by mo, 2014-12-11                              #
+# v0.10 by mo, DTAG, 2015-01-27                        #
 ########################################################
 
 # Let's define some global vars
@@ -47,7 +48,7 @@ losetup -d /dev/loop0
 # Let's add the files for the automated install
 fuECHO "### Adding the automated install files."
 mkdir -p $myTPOTCEDIR/tpotce
-cp installer/* $myTPOTCEDIR/tpotce/
+cp installer/* -r $myTPOTCEDIR/tpotce/
 cp isolinux/* $myTPOTCEDIR/isolinux/
 cp kickstart/* $myTPOTCEDIR/tpotce/
 cp preseed/* $myTPOTCEDIR/tpotce/
diff --git a/preseed/tpotce.seed b/preseed/tpotce.seed
index eeabe2bd..2027e125 100755
--- a/preseed/tpotce.seed
+++ b/preseed/tpotce.seed
@@ -36,7 +36,11 @@ d-i pkgsel/update-policy select unattended-upgrades
 # Post install
 d-i preseed/late_command string \
 cp /cdrom/tpotce/install1.sh /target/etc/rc.local; \
-cp /cdrom/tpotce/install2.sh /target/root/install.sh
+cp /cdrom/tpotce/install2.sh /target/root/install.sh; \
+cp /cdrom/tpotce/bin/*.sh /target/usr/bin/; \
+cp /cdrom/tpotce/etc/issue /target/etc/; \
+cp /cdrom/tpotce/home/*.sh /target/home/tsec/; \
+cp -r /cdrom/tpotce/upstart/ /target/root/
 
 # Reboot
 d-i finish-install/reboot_in_progress note
diff --git a/tpotce b/tpotce
new file mode 160000
index 00000000..43e4f479
--- /dev/null
+++ b/tpotce
@@ -0,0 +1 @@
+Subproject commit 43e4f47977152a51ecb20ea104962caa87bbaaa6