prepare for new ewsposter

2025-07-02 01:27:27 -04:00 · 2020-10-15 09:14:30 +00:00
parent 6b37578d8d
commit b28cc2edd0
4 changed files with 23 additions and 30 deletions
--- a/docker/ews/Dockerfile
+++ b/docker/ews/Dockerfile
@ -23,9 +23,9 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \
    pip3 install --no-cache-dir configparser hpfeeds3 pyOpenSSL xmljson && \
 #
 # Setup ewsposter
-    git clone https://github.com/telekom-security/ewsposter /opt/ewsposter && \
+    git clone https://github.com/telekom-security/ewsposter -b develop /opt/ewsposter && \
    cd /opt/ewsposter && \
-    git checkout f9c0623d44a837f666ec39659665020c7460dec8 && \
+#    git checkout f9c0623d44a837f666ec39659665020c7460dec8 && \
    mkdir -p /opt/ewsposter/spool /opt/ewsposter/log && \
 #
 # Setup user and groups
--- a/docker/ews/dist/ews.cfg
+++ b/docker/ews/dist/ews.cfg
@ -6,8 +6,9 @@ del_malware_after_send = false
 send_malware = false
 sendlimit = 500
 contact = your_email_address
-proxy =
-ip =
+proxy = None
+ip_int = None
+ip_ext = None

 [EWS]
 ews = true
@ -39,24 +40,6 @@ nodeid = glastopfv3-community-01
 sqlitedb = /data/glastopf/db/glastopf.db
 malwaredir = /data/glastopf/data/files/

-[GLASTOPFV2]
-glastopfv2 = false
-nodeid =
-mysqlhost =
-mysqldb =
-mysqluser =
-mysqlpw =
-malwaredir =
-
-[KIPPO]
-kippo = false
-nodeid =
-mysqlhost =
-mysqldb =
-mysqluser =
-mysqlpw =
-malwaredir =
-
 [COWRIE]
 cowrie = true
 nodeid = cowrie-community-01
@ -75,12 +58,6 @@ newversion = true
 payloaddir = /data/honeytrap/attacks/
 attackerfile = /data/honeytrap/log/attacker.log

-[RDPDETECT]
-rdpdetect = false
-nodeid =
-iptableslog =
-targetip =
-
 [EMOBILITY]
 eMobility = false
 nodeid = emobility-community-01
@ -135,3 +112,18 @@ logfile = /data/tanner/log/tanner_report.json
 glutton = true
 nodeid = glutton-community-01
 logfile = /data/glutton/log/glutton.log
+
+[HONEYSAP]
+honeysap = true
+nodeid = honeysap-community-01
+logfile = /data/honeysap/log/honeysap-external.log
+
+[ADBHONEY]
+adbhoney = true
+nodeid = adbhoney-community-01
+logfile = /data/adbhoney/log/adbhoney.json
+
+[FATT]
+fatt = true
+nodeid = fatt-community-01
+logfile = /data/fatt/log/fatt.log
--- a/docker/ews/docker-compose.yml
+++ b/docker/ews/docker-compose.yml
@ -26,5 +26,4 @@ services:
    image: "ghcr.io/telekom-security/ewsposter:2006"
    volumes:
     - /data:/data
-     - /data/ews/conf/ews.ip:/opt/ewsposter/ews.ip
-
+#     - /data/ews/conf/ews.ip:/opt/ewsposter/ews.ip