diff --git a/README.md b/README.md index da774315..6b9824ce 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ [![Gitter](https://img.shields.io/gitter/room/nwjs/nw.js.svg?maxAge=2592000)](https://gitter.im/dtag-dev-sec/tpotce) -# T-Pot 16.10 Image Creator (working - dev in progress) +# T-Pot 16.10 Image Creator (beta) This repository contains the necessary files to create the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** ISO image. The image can then be used to install T-Pot on a physical or virtual machine. diff --git a/installer/data/elkbase.tgz b/installer/data/elkbase.tgz index 895e0407..1abda475 100644 Binary files a/installer/data/elkbase.tgz and b/installer/data/elkbase.tgz differ diff --git a/installer/etc/issue b/installer/etc/issue index 114e1fa5..685c4e4d 100644 --- a/installer/etc/issue +++ b/installer/etc/issue @@ -1,4 +1,4 @@ -T-Pot 16.10 (development) +T-Pot 16.10 (beta) Hostname: \n ___________ _____________________________ diff --git a/installer/etc/nginx/tpotweb.conf b/installer/etc/nginx/tpotweb.conf index 7b26a386..c0652029 100644 --- a/installer/etc/nginx/tpotweb.conf +++ b/installer/etc/nginx/tpotweb.conf @@ -73,8 +73,13 @@ server { ################################## ### Restrict access and basic auth ################################## + + # satisfy all; satisfy any; + # allow 10.0.0.0/8; + # allow 172.16.0.0/12; + # allow 192.168.0.0/16; allow 127.0.0.1; allow ::1; deny all; diff --git a/installer/install.sh b/installer/install.sh index 08c40c0d..6716a083 100755 --- a/installer/install.sh +++ b/installer/install.sh @@ -3,7 +3,7 @@ # T-Pot post install script # # Ubuntu server 16.04.0, x64 # # # -# v16.10.0 by mo, DTAG, 2016-05-12 # +# v16.10.0 by mo, DTAG, 2016-10-23 # ######################################################## # Type of install, TPOT, SENSOR, INDUSTRIAL or FULL? 
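Review bot: In the tpotweb.conf hunk, the new commented-out `allow` lines for 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16 sit under an active `satisfy any;`, and nothing tells the operator what that combination means. Under `satisfy any` a client matching an `allow` line is admitted without the basic auth named in the section header, so uncommenting those ranges would let every host on those private networks reach the web UI without credentials. I would add a comment above them such as `# satisfy any = address match OR basic auth; switch to "satisfy all" before enabling the ranges below if a password must still be required`. The auth directives and the rest of the server block are outside the hunk, so confirm they follow these lines.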
@@ -336,19 +336,22 @@ tee -a /etc/crontab <:/api delete --filters resource= && alerta --endpoint-url http://:/api send -e IP -r -E Production -s ok -S T-Pot -t \$(cat /data/elk/logstash/mylocal.ip) --status open # Check if updated images are available and download them -27 1 * * * root for i in \$(cat /data/images.conf); do docker pull dtagdevsec/\$i:latest1610; done +27 1 * * * root for i in \$(cat /data/images.conf); do docker pull dtagdevsec/\$i:latest1610; done # Restart docker service and containers -27 3 * * * root dcres.sh +27 3 * * * root dcres.sh # Delete elastic indices older than 90 days (kibana index is omitted by default) -27 4 * * * root docker exec elk bash -c '/usr/local/bin/curator --host 127.0.0.1 delete indices --older-than 90 --time-unit days --timestring \%Y.\%m.\%d' +27 4 * * * root docker exec elk bash -c '/usr/local/bin/curator --host 127.0.0.1 delete indices --older-than 90 --time-unit days --timestring \%Y.\%m.\%d' # Update IP and erase check.lock if it exists -27 15 * * * root /etc/rc.local +27 15 * * * root /etc/rc.local + +# Daily reboot +27 23 * * * root reboot # Check for updated packages every sunday, upgrade and reboot -27 16 * * 0 root apt-get autoclean -y; apt-get autoremove -y; apt-get update -y; apt-get upgrade -y; sleep 5; reboot +27 16 * * 0 root apt-get autoclean -y && apt-get autoremove -y && apt-get update -y && apt-get upgrade -y && sleep 10 && reboot EOF # Let's create some files and folders diff --git a/installer/usr/share/nginx/html/navbar.html b/installer/usr/share/nginx/html/navbar.html index da392386..49527a37 100644 --- a/installer/usr/share/nginx/html/navbar.html +++ b/installer/usr/share/nginx/html/navbar.html @@ -14,7 +14,7 @@ ES Head Plugin UI-For-Docker WebSSH - Netdata + Netdata
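Review bot: In the weekly update entry of the install.sh crontab hunk, the `&&` chain puts `apt-get update` and `apt-get upgrade` behind `autoclean` and `autoremove`, so a failure in either cleanup step now skips patching as well as the reboot, and nothing records it. I would run the patching steps first, e.g. `27 16 * * 0 root apt-get update -y && apt-get upgrade -y && apt-get autoremove -y && apt-get autoclean -y && sleep 10 && reboot`, and send the entry's output to a log file. An upgrade that stalls on a configuration prompt would be cut off by the new daily `reboot` at 23:27 and may leave dpkg interrupted. Setting `DEBIAN_FRONTEND=noninteractive` on that entry would avoid the stall. The heredoc that holds these entries opens before the hunk.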