clean up, update readme

t3chn0m4g3
2016-03-09 14:05:06 +01:00
parent 6f18240ade
commit f9e67c897c
8 changed files with 29 additions and 35 deletions


@ -4,7 +4,7 @@
# T-Pot #
# ELK DB backup script #
# #
# v0.01 by mo, DTAG, 2016-02-12 #
# v16.03.1 by mo, DTAG, 2016-03-09 #
########################################################
myCOUNT=1
myDATE=$(date +%Y%m%d%H%M)
@ -43,13 +43,12 @@ sleep 10
# Backup DB in 2 flavors
echo "Now backing up Elasticsearch data ..."
tar cvfz $myBACKUPPATH"$myDATE"_elkall.tgz $myELKPATH
tar cvfz $myBACKUPPATH"$myDATE"_elkall.tgz $myELKPATH
rm -rf "$myELKPATH"log/*
rm -rf "$myELKPATH"data/elasticsearch/nodes/0/indices/logstash*
tar cvfz $myBACKUPPATH"$myDATE"_elkbase.tgz $myELKPATH
rm -rf $myELKPATH
tar xvfz $myBACKUPPATH"$myDATE"_elkall.tgz -C /
#tar xvfz $myBACKUPPATH"$myDATE"_elkbase.tgz -C /
tar xvfz $myBACKUPPATH"$myDATE"_elkall.tgz -C /
chmod 760 -R $myELKPATH
chown tpot:tpot -R $myELKPATH
@ -59,4 +58,3 @@ echo "Now starting up ELK ..."
# Allow checks to resume
rm /var/run/check.lock
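Review bot: `rm -rf $myELKPATH` and the `rm -rf "$myELKPATH"log/*` / `rm -rf "$myELKPATH"data/...` lines above it run a destructive command on an unguarded variable; if myELKPATH is ever empty or unset the second form degrades to `rm -rf log/*` relative to the current directory, and the tar/chmod/chown lines lose their target silently. Guard the destructive steps with the `:?` expansion and quote the path, e.g. `rm -rf -- "${myELKPATH:?}"` and `rm -rf -- "${myELKPATH:?}"log/*`. The unquoted `$myBACKUPPATH"$myDATE"_elkall.tgz` arguments have the same problem if the backup path contains spaces. The two identical `tar cvfz ... _elkall.tgz` lines carry no marker in this rendering, so I cannot tell which one is the new side; the script body continues outside the hunk.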


@ -4,10 +4,10 @@
# T-Pot #
# Check container and services script #
# #
# v0.03 by mo, DTAG, 2016-02-12 #
# v16.03.1 by mo, DTAG, 2016-03-09 #
########################################################
if [ -a /var/run/check.lock ];
then
then
echo "Lock exists. Exiting now."
exit
fi
@ -34,5 +34,5 @@ for i in $myIMAGES
service $i start
fi
done
rm /var/run/check.lock
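Review bot: `[ -a /var/run/check.lock ]` uses the non-standard unary `-a`, which is not portable under `/bin/sh`; `[ -e /var/run/check.lock ]` is the standard form. More importantly the lock is only removed by the final `rm /var/run/check.lock`, so any error or signal between the check and that line leaves the lock behind and every later run exits with "Lock exists." until someone deletes it by hand. If this script is the one that creates the lock (the creation is outside the hunk), registering `trap 'rm -f /var/run/check.lock' EXIT` right after creating it would make the cleanup unconditional. The same trailing-`rm`-only pattern appears in the restart and setup scripts of this commit.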


@ -4,7 +4,7 @@
# T-Pot #
# Container and services restart script #
# #
# v0.04 by mo, DTAG, 2016-02-12 #
# v16.03.1 by mo, DTAG, 2016-03-09 #
########################################################
myCOUNT=1
@ -40,7 +40,7 @@ if [ $myUPTIME -gt 4 ];
do
service $i stop
done
echo "Waiting 10 seconds before restarting docker ..."
echo "### Waiting 10 seconds before restarting docker ..."
sleep 10
iptables -w -F
service docker restart
@ -56,25 +56,21 @@ if [ $myUPTIME -gt 4 ];
fi
sleep 0.1
done
echo "Docker is now up and running again."
echo "Removing obsolete container data ..."
echo "### Docker is now up and running again."
echo "### Removing obsolete container data ..."
docker rm -v $(docker ps -aq)
echo "Removing obsolete image data ..."
echo "### Removing obsolete image data ..."
docker rmi $(docker images | grep "^<none>" | awk '{print $3}')
echo "Starting T-Pot services ..."
echo "### Starting T-Pot services ..."
for i in $myIMAGES
do
service $i start
done
sleep 5
else
echo "T-Pot needs to be up and running for at least 5 minutes."
else
echo "### T-Pot needs to be up and running for at least 5 minutes."
fi
rm /var/run/check.lock
/etc/rc.local
echo "Done. Now running status.sh"
/usr/bin/status.sh
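Review bot: `docker rm -v $(docker ps -aq)` and `docker rmi $(docker images | grep "^<none>" | awk '{print $3}')` pass an unquoted, possibly empty list; when there are no containers or dangling images the commands run with no arguments and fail, which prints an error and makes a genuine cleanup failure indistinguishable from the empty case. A `docker ps -aq | xargs -r docker rm -v` form (GNU xargs `-r` skips the call on empty input) or an explicit `[ -n "$myIDS" ]` guard avoids that. Separately, `iptables -w -F` flushes every filter-table chain before the docker restart, so the host runs without filter rules until whatever `/etc/rc.local` (invoked near the end) presumably reinstalls them — a comment stating that this is intended and where the rules come back from would help a reader. The new `### ` message prefix is also not applied to the final `echo "Done. Now running status.sh"`, which is inconsistent with the rest of the change.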


@ -4,7 +4,7 @@
# T-Pot #
# Container and services status script #
# #
# v0.05 by mo, DTAG, 2016-02-12 #
# v16.03.1 by mo, DTAG, 2016-03-09 #
########################################################
myCOUNT=1


@ -4,7 +4,7 @@
# T-Pot #
# Only start the containers found in /etc/init/ #
# #
# v0.03 by mo, DTAG, 2016-02-12 #
# v16.03.1 by mo, DTAG, 2016-03-09 #
########################################################
# Make sure not to interrupt a check
@ -40,7 +40,7 @@ done
# Setup only T-Pot upstart scripts from images.conf and pull the images
for i in $(cat /data/images.conf);
do
do
docker pull dtagdevsec/$i:latest1603;
cp /data/upstart/"$i".conf /etc/init/;
done
@ -49,8 +49,8 @@ done
rm /var/run/check.lock
# Announce reboot
echo "Rebooting in 5 seconds for the changes to take effect."
sleep 5
echo "### Rebooting in 60 seconds for the changes to take effect."
sleep 60
# Reboot
reboot
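Review bot: `for i in $(cat /data/images.conf)` word-splits and glob-expands the file contents, and `$i` is then passed unquoted to `docker pull dtagdevsec/$i:latest1603`, so a malformed or tampered line in images.conf becomes extra arguments to the pull and to the `cp /data/upstart/"$i".conf` path. A `while IFS= read -r i; do …; done < /data/images.conf` loop with `"$i"` quoted in both commands keeps each line a single token. The pull is also pinned only to the mutable tag `latest1603` with no digest check, so the installed image is whatever the registry serves at install time; if that is accepted, a comment saying so next to the pull would make the trust assumption explicit. The visible change in this loop appears to be whitespace only, and the enclosing script continues outside the hunk.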


@ -4,7 +4,7 @@
# T-Pot #
# Two-Factor-Authentication and SSH enable script #
# #
# v16.03.1 by mo, DTAG, 2016-03-07 #
# v16.03.2 by mo, DTAG, 2016-03-09 #
########################################################
myBACKTITLE="T-Pot - Two-Factor-Authentication and SSH enable script"
@ -18,7 +18,7 @@ dialog --backtitle "$myBACKTITLE" --title "[ Enable SSH? ]" --yesno "\nDo you wa
mySSH=$?
# Enable 2FA
if [ $my2FA == 0 ] && ! [ -f /etc/pam.d/sshd.bak ];
if [ "$my2FA" = "0" ] && ! [ -f /etc/pam.d/sshd.bak ];
then
clear
sudo sed -i.bak '\# PAM#aauth required pam_google_authenticator.so' /etc/pam.d/sshd
@ -27,12 +27,12 @@ if [ $my2FA == 0 ] && ! [ -f /etc/pam.d/sshd.bak ];
echo "2FA enabled. Please press return to continue ..."
read
elif [ -f /etc/pam.d/sshd.bak ]
then
dialog --backtitle "$myBACKTITLE" --title "[ Already enabled ]" --msgbox "\nIt seems that Two-Factor-Authentication has already been enabled. Please run 'google-authenticator -t -d -f -r 3 -R 30 -w 21' if you want to rewrite your token." 8 70
then
dialog --backtitle "$myBACKTITLE" --title "[ Already enabled ]" --msgbox "\nIt seems that Two-Factor-Authentication has already been enabled. Please run 'google-authenticator -t -d -f -r 3 -R 30 -w 21' if you want to rewrite your token." 8 70
fi
# Enable SSH
if [ $mySSH == 0 ] && [ -f /etc/init/ssh.override ];
if [ "$mySSH" = "0" ] && [ -f /etc/init/ssh.override ];
then
clear
sudo rm /etc/init/ssh.override