prep for 18.04

2025-07-02 01:27:27 -04:00 · 2018-03-25 18:35:32 +00:00
parent 60cb42b34d
commit c9a33870ff
57 changed files with 2268 additions and 178 deletions
--- a/docker/ciscoasa/Dockerfile
+++ b/docker/ciscoasa/Dockerfile
@ -1,9 +1,14 @@
 FROM alpine
-MAINTAINER MO

 # Setup env and apt
 RUN apk -U upgrade && \
-    apk add bash build-base git libffi-dev openssl-dev python3-dev procps && \
+    apk add bash \
+            build-base \
+            git \
+            libffi-dev \
+            openssl-dev \
+            python3-dev \
+            procps && \

 # Setup user
    addgroup -g 2000 ciscoasa && \
@ -18,10 +23,16 @@ RUN apk -U upgrade && \
    chown -R ciscoasa:ciscoasa /opt/ciscoasa_honeypot && \

 # Clean up
-    apk del build-base git libffi-dev openssl-dev python3-dev && \
-    apk add libffi openssl python3
+    apk del build-base \
+            git \
+            libffi-dev \
+            openssl-dev \
+            python3-dev && \
+    apk add libffi \
+            openssl \
+            python3

 # Start elasticsearch-head
 WORKDIR /opt/ciscoasa_honeypot
 USER ciscoasa
-CMD python3 asa_server.py --enable_ssl --verbose
+CMD python3 asa_server.py --enable_ssl --verbose > /var/log/ciscoasa/ciscoasa.log 2>&1
--- a/docker/ciscoasa/README.md
+++ b/docker/ciscoasa/README.md
@ -0,0 +1,12 @@
+[![](https://images.microbadger.com/badges/version/dtagdevsec/ciscoasa:1804.svg)](https://microbadger.com/images/dtagdevsec/ciscoasa:1804 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/dtagdevsec/ciscoasa:1804.svg)](https://microbadger.com/images/dtagdevsec/ciscoasa:1804 "Get your own image badge on microbadger.com")
+
+# ciscoasa
+
+[Ciscoasa](https://github.com/cymmetria/ciscoasa_honeypot) is a low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability
+
+This dockerized version is part of the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** of Deutsche Telekom AG.
+
+The `Dockerfile` contains the blueprint for the dockerized ciscoasa and will be used to setup the docker image.
+
+The `docker-compose.yml` contains the necessary settings to test conpot using `docker-compose`. This will ensure to start the docker container with the appropriate permissions and port mappings.
+
--- a/docker/ciscoasa/docker-compose.yml
+++ b/docker/ciscoasa/docker-compose.yml
@ -2,13 +2,21 @@
 # For docker-compose ...
 version: '2.2'

+networks:
+  ciscoasa_local:
+
 services:

-# Wetty service
-  wetty:
-    container_name: wetty
+# Ciscoasa service
+  ciscoasa:
+    build: .
+    container_name: ciscoasa
    restart: always
-    network_mode: "host"
-    env_file:
-     - /opt/tpot/etc/compose/wetty_environment
-    image: "dtagdevsec/wetty:1710"
+    networks:
+     - ciscoasa_local
+    ports:
+     - "5000:5000"
+     - "8443:8443"
+    image: "dtagdevsec/ciscoasa:1804"
+    volumes:
+     - /data/ciscoasa/log:/var/log/ciscoasa