include conpot

2025-07-02 01:27:27 -04:00 · 2016-02-19 17:52:45 +01:00
parent 1804a042e9
commit 994aed3e31
6 changed files with 57 additions and 10 deletions
--- a/installer/data/imgcfg/all_images.conf
+++ b/installer/data/imgcfg/all_images.conf
@ -1,3 +1,4 @@
+conpot
 cowrie
 dionaea
 elasticpot
--- a/installer/data/imgcfg/industrial_images.conf
+++ b/installer/data/imgcfg/industrial_images.conf
@ -1,3 +1,4 @@
+conpot
 elk
 emobility
 suricata
--- a/installer/data/upstart/conpot.conf
+++ b/installer/data/upstart/conpot.conf
@ -0,0 +1,31 @@
+########################################################
+# T-Pot                                                #
+# ConPot upstart script                                #
+#                                                      #
+# v16.03.1 by mo, DTAG, 2016-02-19                     #
+########################################################
+
+description "ConPot"
+author "mo"
+start on started docker and filesystem
+stop on runlevel [!2345]
+respawn
+pre-start script
+  # Remove any existing conpot containers
+  myCID=$(docker ps -a | grep conpot | awk '{ print $1 }')
+  if [ "$myCID" != "" ];
+    then docker rm -v $myCID;
+  fi
+  # Remove any data from previous container
+  rm -rf /data/conpot/* || true
+  mkdir -p /data/conpot/log
+  chmod 760 /data/conpot -R
+  chown tpot:tpot /data/conpot -R
+end script
+script
+  /usr/bin/docker run --name conpot --rm=true -v /data/conpot:/data/conpot -v /data/ews:/data/ews -p 81:80 -p 102:102 -p 161:161/udp -p 502:502 dtagdevsec/conpot:latest1603
+end script
+post-start script
+  # Delay next start to avoid rapid respawning
+  sleep 2
+end script
--- a/installer/install.sh
+++ b/installer/install.sh
@ -3,7 +3,7 @@
 # T-Pot post install script                            #
 # Ubuntu server 14.04.3, x64                           #
 #                                                      #
-# v16.03.9 by mo, DTAG, 2016-02-15                     #
+# v16.03.10 by mo, DTAG, 2016-02-19                    #
 ########################################################

 # Type of install, SENSOR, INDUSTRIAL or FULL?
@ -223,7 +223,6 @@ if [ "$myFLAVOR" = "ALL" ]
    cp /root/tpot/data/imgcfg/all_images.conf /root/tpot/data/images.conf
 fi

-
 # Let's load docker images
 fuECHO "### Loading docker images. Please be patient, this may take a while."
 if [ -d /root/tpot/images ];
@ -281,18 +280,19 @@ tee -a /etc/crontab <<EOF
 27 15 * * *   root  /etc/rc.local

 # Check for updated packages every sunday, upgrade and reboot
-27 16 * * 0   root  sleep \$((RANDOM %600)); apt-get autoclean -y; apt-get autoremove -y; apt-get update -y; apt-get upgrade -y; sleep 5; reboot
+27 16 * * 0   root  apt-get autoclean -y; apt-get autoremove -y; apt-get update -y; apt-get upgrade -y; sleep 5; reboot
 EOF

 # Let's create some files and folders
 fuECHO "### Creating some files and folders."
-mkdir -p /data/ews/log /data/ews/conf /data/ews/dionaea /data/ews/emobility \
+mkdir -p /data/conpot/log \
         /data/cowrie/log/tty/ /data/cowrie/downloads/ /data/cowrie/keys/ /data/cowrie/misc/ \
-         /data/elasticpot/log \
         /data/dionaea/log /data/dionaea/bistreams /data/dionaea/binaries /data/dionaea/rtp /data/dionaea/wwwroot \
+         /data/elasticpot/log \
         /data/elk/data /data/elk/log /data/glastopf /data/honeytrap/log/ /data/honeytrap/attacks/ /data/honeytrap/downloads/ \
-         /data/suricata/log /home/tsec/.ssh/ \
-         /data/emobility/log
+         /data/emobility/log \
+         /data/ews/log /data/ews/conf /data/ews/dionaea /data/ews/emobility \
+         /data/suricata/log /home/tsec/.ssh/

 # Let's take care of some files and permissions before copying
 chmod 500 /root/tpot/bin/*