Installer upgrade

t3chn0m4g3
2015-01-27 17:46:52 +01:00
parent 1cb5191bba
commit 41ab55f957
18 changed files with 420 additions and 232 deletions


@ -0,0 +1,24 @@
########################################################
# T-Pot Community Edition #
# Dionaea upstart script #
# #
# v0.50 by mo, DTAG, 2015-01-27 #
########################################################
description "Dionaea"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
pre-start script
# Remove any existing dionaea containers
myCID=$(docker ps -a | grep dionaea | awk '{ print $1 }')
if [ "$myCID" != "" ];
then docker rm $myCID;
fi
end script
script
# Delayed start to avoid rapid respawning
sleep $(((RANDOM % 5)+5))
/usr/bin/docker run --name dionaea --cap-add=NET_BIND_SERVICE --rm=true -p 21:21 -p 42:42 -p 8080:80 -p 135:135 -p 443:443 -p 445:445 -p 1433:1433 -p 3306:3306 -p 5061:5061 -p 5060:5060 -p 69:69/udp -p 5060:5060/udp -v /data/dionaea dtagdevsec/dionaea
end script
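Review bot: The pre-start cleanup selects containers with `docker ps -a | grep dionaea`, which matches that string anywhere on the line (image, command or another container's name), and then calls `docker rm` without `-f`, so a container that is still running makes the removal fail. Upstart normally runs script stanzas with `/bin/sh -e`, so that failure would abort pre-start and the job would not start. Addressing the container by its name avoids both problems, e.g. `docker rm -f dionaea 2>/dev/null || true`. The same block appears in the ELK, EWS, Glastopf, Honeytrap, Kippo and Suricata jobs.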


@ -0,0 +1,58 @@
description "Docker daemon"
start on (local-filesystems and net-device-up IFACE!=lo)
stop on runlevel [!2345]
limit nofile 524288 1048576
limit nproc 524288 1048576
respawn
pre-start script
# see also https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount
if grep -v '^#' /etc/fstab | grep -q cgroup \
|| [ ! -e /proc/cgroups ] \
|| [ ! -d /sys/fs/cgroup ]; then
exit 0
fi
if ! mountpoint -q /sys/fs/cgroup; then
mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup
fi
(
cd /sys/fs/cgroup
for sys in $(awk '!/^#/ { if ($4 == 1) print $1 }' /proc/cgroups); do
mkdir -p $sys
if ! mountpoint -q $sys; then
if ! mount -n -t cgroup -o $sys cgroup $sys; then
rmdir $sys || true
fi
fi
done
)
end script
script
# modify these in /etc/default/$UPSTART_JOB (/etc/default/docker)
DOCKER=/usr/bin/$UPSTART_JOB
DOCKER_OPTS=
if [ -f /etc/default/$UPSTART_JOB ]; then
. /etc/default/$UPSTART_JOB
fi
exec "$DOCKER" -d $DOCKER_OPTS
end script
# Don't emit "started" event until docker.sock is ready.
# See https://github.com/docker/docker/issues/6647
post-start script
DOCKER_OPTS=
if [ -f /etc/default/$UPSTART_JOB ]; then
. /etc/default/$UPSTART_JOB
fi
if ! printf "%s" "$DOCKER_OPTS" | grep -qE -e '-H|--host'; then
while ! [ -e /var/run/docker.sock ]; do
initctl status $UPSTART_JOB | grep -q "stop/" && exit 1
echo "Waiting for /var/run/docker.sock"
sleep 0.1
done
echo "/var/run/docker.sock is up"
fi
end script


@ -0,0 +1,24 @@
########################################################
# T-Pot Community Edition #
# ELK upstart script #
# #
# v0.50 by mo, DTAG, 2015-01-27 #
########################################################
description "ELK"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
pre-start script
# Remove any existing elk containers
myCID=$(docker ps -a | grep elk | awk '{ print $1 }')
if [ "$myCID" != "" ];
then docker rm $myCID;
fi
end script
script
# Delayed start to avoid rapid respawning
sleep $(((RANDOM % 5)+5))
/usr/bin/docker run --name=elk --volumes-from ews --volumes-from suricata -v /data/elk/:/data/elk/ -p 127.0.0.1:64296:80 --rm=true dtagdevsec/elk
end script
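Review bot: `start on started docker and filesystem` does not express that this job's `docker run` needs the `ews` and `suricata` containers to exist for `--volumes-from`; if they are not there yet the run fails and the job only converges through `respawn`. Because of the delayed start, Upstart's default respawn limit is unlikely to trip, so a permanently missing dependency would loop without a clear error. Consider waiting for the dependencies inside the script stanza, for example a bounded loop around `docker inspect ews suricata >/dev/null 2>&1`, and logging when the wait gives up. The EWS job has the same issue with its four `--volumes-from` options and `--link kippo:kippo`.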


@ -0,0 +1,24 @@
########################################################
# T-Pot Community Edition #
# EWS upstart script #
# #
# v0.50 by mo, DTAG, 2015-01-27 #
########################################################
description "EWS"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
pre-start script
# Remove any existing ews containers
myCID=$(docker ps -a | grep ews | awk '{ print $1 }')
if [ "$myCID" != "" ];
then docker rm $myCID;
fi
end script
script
# Delayed start to avoid rapid respawning
sleep $(((RANDOM % 5)+5))
/usr/bin/docker run --name ews --volumes-from dionaea --volumes-from glastopf --volumes-from honeytrap --volumes-from kippo --rm=true -v /data/ews/:/data/ews/ --link kippo:kippo dtagdevsec/ews
end script
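Review bot: The four `--volumes-from` options on the `docker run` line give the EWS container write access to every honeypot's data volume, although from the option list it looks like a consumer of that data. If the EWS image only reads the honeypot logs (not visible on this page, so to be confirmed), mount them read-only, e.g. `--volumes-from dionaea:ro --volumes-from glastopf:ro`, so that a fault or compromise in this container cannot alter what the honeypots recorded. The same applies to `--volumes-from ews --volumes-from suricata` in the ELK job.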


@ -0,0 +1,24 @@
########################################################
# T-Pot Community Edition #
# Glastopf upstart script #
# #
# v0.50 by mo, DTAG, 2015-01-27 #
########################################################
description "Glastopf"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
pre-start script
# Remove any existing glastopf containers
myCID=$(docker ps -a | grep glastopf | awk '{ print $1 }')
if [ "$myCID" != "" ];
then docker rm $myCID;
fi
end script
script
# Delayed start to avoid rapid respawning
sleep $(((RANDOM % 5)+5))
/usr/bin/docker run --name glastopf --rm=true -p 80:80 -v /data/glastopf dtagdevsec/glastopf
end script
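Review bot: `-v /data/glastopf` names only a container path, so Docker creates an anonymous volume instead of binding a host directory, and with `--rm=true` that volume is normally removed together with the container unless another container still references it. Captured honeypot data may therefore not survive a respawn, which matters when it is needed for later analysis. If persistence on the host is intended, use the bind form the ELK and EWS jobs already use, e.g. `-v /data/glastopf/:/data/glastopf/`. The Dionaea, Honeytrap, Kippo and Suricata jobs use the same single-path form.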


@ -0,0 +1,28 @@
########################################################
# T-Pot Community Edition #
# Honeytrap upstart script #
# #
# v0.50 by mo, DTAG, 2015-01-27 #
########################################################
description "Honeytrap"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
pre-start script
# Remove any existing honeytrap containers
myCID=$(docker ps -a | grep honeytrap | awk '{ print $1 }')
if [ "$myCID" != "" ];
then docker rm $myCID;
fi
/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 21,22,42,80,135,443,445,1433,3306,5060,5061,64295,64296 -j NFQUEUE
end script
script
# Delayed start to avoid rapid respawning
sleep $(((RANDOM % 5)+5))
/usr/bin/docker run --name honeytrap --cap-add=NET_ADMIN --net=host --rm=true -v /data/honeytrap dtagdevsec/honeytrap
end script
post-stop script
/sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 21,22,42,80,135,443,445,1433,3306,5060,5061,64295,64296 -j NFQUEUE
end script
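Review bot: The NFQUEUE rule is appended with `-A` on every pre-start and its full text is repeated in post-stop, so if post-stop is skipped or the two copies drift apart, the `-D` no longer matches and stale or duplicate rules stay in INPUT. Packets sent to a queue with no listener are dropped by default, so a leftover rule would block new TCP connections to the host on every port outside the exclusion list. Define the port list once with an `env` stanza, e.g. `env HT_PORTS=<port list>`, and make the insert idempotent with `iptables -w -C INPUT ... || iptables -w -A INPUT ...`. A comment explaining why 64295 and 64296 are excluded would also help; 64296 is the loopback port published by the ELK job, while 64295 is not explained on this page.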


@ -0,0 +1,24 @@
########################################################
# T-Pot Community Edition #
# Kippo upstart script #
# #
# v0.50 by mo, DTAG, 2015-01-27 #
########################################################
description "Kippo"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
pre-start script
# Remove any existing kippo containers
myCID=$(docker ps -a | grep kippo | awk '{ print $1 }')
if [ "$myCID" != "" ];
then docker rm $myCID;
fi
end script
script
# Delayed start to avoid rapid respawning
sleep $(((RANDOM % 5)+5))
/usr/bin/docker run --name kippo --rm=true -p 22:2222 -v /data/kippo dtagdevsec/kippo
end script
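Review bot: `dtagdevsec/kippo` is referenced without a tag on the `docker run` line, so the job uses whatever `latest` image is present locally or pulls it at start time, and the code listening on port 22 can change without any change to this file. Pin the image to a fixed tag or digest, e.g. `dtagdevsec/kippo:<tag>` or `dtagdevsec/kippo@sha256:<digest>` (placeholders), and update it deliberately. All other T-Pot jobs in this commit reference their `dtagdevsec/*` images the same way.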


@ -0,0 +1,28 @@
########################################################
# T-Pot Community Edition #
# Suricata upstart script #
# #
# v0.50 by mo, DTAG, 2015-01-27 #
########################################################
description "Suricata"
author "mo"
start on started docker and filesystem
stop on runlevel [!2345]
respawn
pre-start script
# Remove any existing suricata containers
myCID=$(docker ps -a | grep suricata | awk '{ print $1 }')
if [ "$myCID" != "" ];
then docker rm $myCID;
fi
myIF=$(route | grep default | awk '{ print $8 }')
/sbin/ethtool --offload $myIF rx off tx off
/sbin/ethtool -K $myIF gso off gro off
/sbin/ip link set $myIF promisc on
end script
script
# Delayed start to avoid rapid respawning
sleep $(((RANDOM % 5)+5))
/usr/bin/docker run --name suricata --cap-add=NET_ADMIN --net=host --rm=true -v /data/suricata/ dtagdevsec/suricata
end script
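Review bot: `myIF=$(route | grep default | awk '{ print $8 }')` yields an empty string when no default route exists yet and several words when there is more than one, and `$myIF` is then passed unquoted to `ethtool` and `ip link`. `route` without `-n` also resolves names, which can stall at boot. Use numeric output and check the result, e.g. `myIF=$(route -n | awk '$1 == "0.0.0.0" { print $8; exit }')` followed by `[ -n "$myIF" ] || exit 1`, and quote `"$myIF"` in the three commands. Promiscuous mode and the offload settings are also never reverted, since the job has no post-stop stanza.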