telekom-security/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-02 01:27:27 -04:00
Code Issues Packages Projects Releases Wiki Activity

tweaking

Browse Source
This commit is contained in:
Marco Ochse
2018-04-26 15:18:23 +00:00
parent 063463ba2e
commit a944925124
5 changed files with 23 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
docker/conpot/Dockerfile
View File

@ -26,26 +26,27 @@ RUN apk -U --no-cache add bash \
wget && \ wget && \
# Setup ConPot # Setup ConPot
git clone https://github.com/mushorg/conpot /opt/conpot/ && \ git clone https://github.com/mushorg/conpot /opt/conpot && \
cd /opt/conpot/ && \ cd /opt/conpot/ && \
git checkout d157229e4587188ad3d3af5dddcd71200713852d && \ git reset --hard d157229e4587188ad3d3af5dddcd71200713852d && \
git fetch origin pull/367/head:run-without-root && \
git checkout run-without-root && \
git checkout master && \
git merge run-without-root && \
cp /root/dist/requirements.txt /opt/conpot/ && \ cp /root/dist/requirements.txt /opt/conpot/ && \
# Patch to accept ENV for MIB path # Patch to accept ENV for MIB path
cp /root/dist/snmp_server.py /opt/conpot/conpot/protocols/snmp/ && \ cp /root/dist/snmp_server.py /opt/conpot/conpot/protocols/snmp/ && \
pip install -U pip setuptools && \ pip install --no-cache-dir -U pip setuptools && \
python setup.py install && \ pip install --no-cache-dir . && \
cd / && \ cd / && \
# Monkey patch, see https://github.com/mushorg/conpot/issues/361
cp /root/dist/conpot.bin /usr/bin/conpot && \
chmod u+x /usr/bin/conpot && \
rm -rf /opt/conpot /tmp/* /var/tmp/* && \ rm -rf /opt/conpot /tmp/* /var/tmp/* && \
setcap cap_net_bind_service=+ep /usr/bin/conpot && \ setcap cap_net_bind_service=+ep /usr/bin/python2.7 && \
# Get wireshark manuf db for scapy, setup configs, user, groups # Get wireshark manuf db for scapy, setup configs, user, groups
mkdir -p /etc/conpot /var/log/conpot /usr/share/wireshark && \ mkdir -p /etc/conpot /var/log/conpot /usr/share/wireshark && \
wget https://github.com/wireshark/wireshark/raw/master/manuf -o /usr/share/wireshark/manuf && \ wget https://github.com/wireshark/wireshark/raw/master/manuf -o /usr/share/wireshark/manuf && \
cp /root/dist/conpot.cfg /etc/conpot/conpot.cfg && \ cp /root/dist/conpot.cfg /etc/conpot/conpot.cfg && \
cp -R /root/dist/templates /usr/lib/python2.7/site-packages/Conpot-0.5.1-py2.7.egg/conpot/ && \ cp -R /root/dist/templates /usr/lib/python2.7/site-packages/conpot/ && \
addgroup -g 2000 conpot && \ addgroup -g 2000 conpot && \
adduser -S -s /bin/bash -u 2000 -D -g 2000 conpot && \ adduser -S -s /bin/bash -u 2000 -D -g 2000 conpot && \
@ -61,9 +62,11 @@ RUN apk -U --no-cache add bash \
pkgconfig \ pkgconfig \
python-dev \ python-dev \
py-cffi \ py-cffi \
py-pip \
wget && \ wget && \
rm -rf /root/* && \ rm -rf /root/* && \
rm -rf /var/cache/apk/* rm -rf /var/cache/apk/*
# Start conpot # Start conpot
USER conpot:conpot
CMD exec /usr/bin/conpot --template $CONPOT_TEMPLATE --logfile $CONPOT_LOG --config $CONPOT_CONFIG CMD exec /usr/bin/conpot --template $CONPOT_TEMPLATE --logfile $CONPOT_LOG --config $CONPOT_CONFIG

5
docker/conpot/docker-compose.yml
View File

@ -22,7 +22,6 @@ services:
- CONPOT_LOG=/var/log/conpot/conpot_default.log - CONPOT_LOG=/var/log/conpot/conpot_default.log
- CONPOT_TEMPLATE=default - CONPOT_TEMPLATE=default
- CONPOT_TMP=/tmp/conpot - CONPOT_TMP=/tmp/conpot
- PYTHON_EGG_CACHE=/tmp/conpot
tmpfs: tmpfs:
- /tmp/conpot:exec - /tmp/conpot:exec
networks: networks:
@ -52,7 +51,6 @@ services:
- CONPOT_LOG=/var/log/conpot/conpot_IEC104.log - CONPOT_LOG=/var/log/conpot/conpot_IEC104.log
- CONPOT_TEMPLATE=IEC104 - CONPOT_TEMPLATE=IEC104
- CONPOT_TMP=/tmp/conpot - CONPOT_TMP=/tmp/conpot
- PYTHON_EGG_CACHE=/tmp/conpot
tmpfs: tmpfs:
- /tmp/conpot:exec - /tmp/conpot:exec
networks: networks:
@ -77,7 +75,6 @@ services:
- CONPOT_LOG=/var/log/conpot/conpot_guardian_ast.log - CONPOT_LOG=/var/log/conpot/conpot_guardian_ast.log
- CONPOT_TEMPLATE=guardian_ast - CONPOT_TEMPLATE=guardian_ast
- CONPOT_TMP=/tmp/conpot - CONPOT_TMP=/tmp/conpot
- PYTHON_EGG_CACHE=/tmp/conpot
tmpfs: tmpfs:
- /tmp/conpot:exec - /tmp/conpot:exec
networks: networks:
@ -101,7 +98,6 @@ services:
- CONPOT_LOG=/var/log/conpot/conpot_ipmi.log - CONPOT_LOG=/var/log/conpot/conpot_ipmi.log
- CONPOT_TEMPLATE=ipmi - CONPOT_TEMPLATE=ipmi
- CONPOT_TMP=/tmp/conpot - CONPOT_TMP=/tmp/conpot
- PYTHON_EGG_CACHE=/tmp/conpot
tmpfs: tmpfs:
- /tmp/conpot:exec - /tmp/conpot:exec
networks: networks:
@ -125,7 +121,6 @@ services:
- CONPOT_LOG=/var/log/conpot/conpot_kamstrup_382.log - CONPOT_LOG=/var/log/conpot/conpot_kamstrup_382.log
- CONPOT_TEMPLATE=kamstrup_382 - CONPOT_TEMPLATE=kamstrup_382
- CONPOT_TMP=/tmp/conpot - CONPOT_TMP=/tmp/conpot
- PYTHON_EGG_CACHE=/tmp/conpot
tmpfs: tmpfs:
- /tmp/conpot:exec - /tmp/conpot:exec
networks: networks:

2
docker/ews/Dockerfile
View File

@ -47,4 +47,4 @@ RUN apk -U upgrade && \
# Run ewsposter # Run ewsposter
USER ews:ews USER ews:ews
CMD sleep 10 && exec /usr/bin/python /opt/ewsposter/ews.py -l 60 CMD sleep 10 && exec /usr/bin/python -u /opt/ewsposter/ews.py -l 60

11
docker/glastopf/Dockerfile
View File

@ -12,6 +12,7 @@ RUN apk -U --no-cache add autoconf \
git \ git \
libffi \ libffi \
libffi-dev \ libffi-dev \
libcap \
make \ make \
py-asn1 \ py-asn1 \
py-cffi \ py-cffi \
@ -41,6 +42,7 @@ RUN apk -U --no-cache add autoconf \
py-mongo \ py-mongo \
py-sqlalchemy \ py-sqlalchemy \
py-webob && \ py-webob && \
pip install --no-cache-dir --upgrade pip && \
# Install php sandbox from git # Install php sandbox from git
git clone https://github.com/mushorg/BFR /opt/BFR && \ git clone https://github.com/mushorg/BFR /opt/BFR && \
@ -63,9 +65,10 @@ RUN apk -U --no-cache add autoconf \
cp /root/dist/base_logger.py /opt/glastopf/glastopf/modules/reporting/auxiliary/ && \ cp /root/dist/base_logger.py /opt/glastopf/glastopf/modules/reporting/auxiliary/ && \
cp /root/dist/log_s3.py /opt/glastopf/glastopf/modules/reporting/auxiliary/ && \ cp /root/dist/log_s3.py /opt/glastopf/glastopf/modules/reporting/auxiliary/ && \
cp /root/dist/requirements.txt /opt/glastopf/ && \ cp /root/dist/requirements.txt /opt/glastopf/ && \
python setup.py install && \ pip install --no-cache-dir . && \
cd / && \ cd / && \
rm -rf /opt/glastopf /tmp/* /var/tmp/* && \ rm -rf /opt/glastopf /tmp/* /var/tmp/* && \
setcap cap_net_bind_service=+ep /usr/bin/python2.7 && \
# Setup user, groups and configs # Setup user, groups and configs
addgroup -g 2000 glastopf && \ addgroup -g 2000 glastopf && \
@ -79,10 +82,12 @@ RUN apk -U --no-cache add autoconf \
git \ git \
libffi-dev \ libffi-dev \
php7-dev \ php7-dev \
python-dev && \ python-dev \
py-pip && \
rm -rf /root/* && \ rm -rf /root/* && \
rm -rf /var/cache/apk/* rm -rf /var/cache/apk/*
# Set workdir and start glastopf # Set workdir and start glastopf
USER glastopf:glastopf
WORKDIR /tmp/glastopf/ WORKDIR /tmp/glastopf/
CMD cp /opt/glastopf/glastopf.cfg /tmp/glastopf && glastopf-runner CMD cp /opt/glastopf/glastopf.cfg /tmp/glastopf && exec glastopf-runner

5
docker/glastopf/docker-compose.yml
View File

@ -9,11 +9,10 @@ services:
glastopf: glastopf:
build: . build: .
container_name: glastopf container_name: glastopf
environment:
- PYTHON_EGG_CACHE=/tmp/glastopf
tmpfs: tmpfs:
- /tmp/glastopf:exec - /tmp/glastopf:uid=2000,gid=2000
restart: always restart: always
stop_signal: SIGINT
networks: networks:
- glastopf_local - glastopf_local
ports: ports: