Continue cleaning up and update documentation

docker/p0f/README.md

@@ -1,4 +1,11 @@
-[![](https://images.microbadger.com/badges/version/dtagdevsec/p0f:1706.svg)](https://microbadger.com/images/dtagdevsec/p0f:1706 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/dtagdevsec/p0f:1706.svg)](https://microbadger.com/images/dtagdevsec/p0f:1706 "Get your own image badge on microbadger.com")
+[![](https://images.microbadger.com/badges/version/dtagdevsec/p0f:1710.svg)](https://microbadger.com/images/dtagdevsec/p0f:1710 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/dtagdevsec/p0f:1710.svg)](https://microbadger.com/images/dtagdevsec/p0f:1710 "Get your own image badge on microbadger.com")
 
 # dockerized p0f
 
+[p0f](http://lcamtuf.coredump.cx/p0f3/) P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way.
+
+This dockerized version is part of the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** of Deutsche Telekom AG.
+
+The `Dockerfile` contains the blueprint for the dockerized p0f and will be used to setup the docker image.
+
+The `docker-compose.yml` contains the necessary settings to test p0f using `docker-compose`. This will ensure to start the docker container with the appropriate permissions and port mappings.

docker/p0f/docker-compose.yml

@@ -0,0 +1,12 @@
+version: '2.1'
+
+services:
+
+# P0f service
+  p0f:
+    container_name: p0f
+    restart: always
+    network_mode: "host"
+    image: "dtagdevsec/p0f:1710"
+    volumes:
+     - /data/p0f/log:/var/log/p0f

docker/suricata/README.md

@@ -1,31 +1,15 @@
-[![](https://images.microbadger.com/badges/version/dtagdevsec/suricata:1706.svg)](https://microbadger.com/images/dtagdevsec/suricata:1706 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/dtagdevsec/suricata:1706.svg)](https://microbadger.com/images/dtagdevsec/suricata:1706 "Get your own image badge on microbadger.com")
+[![](https://images.microbadger.com/badges/version/dtagdevsec/suricata:1710.svg)](https://microbadger.com/images/dtagdevsec/suricata:1710 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/dtagdevsec/suricata:1710.svg)](https://microbadger.com/images/dtagdevsec/suricata:1710 "Get your own image badge on microbadger.com")
 
 # dockerized suricata
 
-
 [suricata](http://suricata-ids.org/) is a Network IDS, IPS and Network Security Monitoring engine.
 
-This repository contains the necessary files to create a *dockerized* version of suricata.
-
 This dockerized version is part of the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** of Deutsche Telekom AG.
 
 The `Dockerfile` contains the blueprint for the dockerized suricata and will be used to setup the docker image.  
 
-The `suricata.yaml` is tailored to fit the T-Pot environment.
-
-The `supervisord.conf` is used to start suricata under supervision of supervisord.
-
-Using systemd, copy the `systemd/suricata.service` to `/etc/systemd/system/suricata.service` and start using
-
-```
-systemctl enable suricata
-systemctl start suricata
-```
-
-This will make sure that the docker container is started with the appropriate permissions and port mappings. Further, it autostarts during boot.
-
-By default all data will be stored in `/data/suricata/` until the service will be restarted which is by default every 24 hours. If you want to keep data persistently simply edit the ``service`` file, find the line that contains ``clean.sh`` and set the option from ``off`` to ``on``. Be advised to establish some sort of log management if you wish to do so.
+The `docker-compose.yml` contains the necessary settings to test suricata using `docker-compose`. This will ensure to start the docker container with the appropriate permissions.
 
 # Suricata Dashboard
 
-![Suricata Dashboard](https://raw.githubusercontent.com/dtag-dev-sec/suricata/master/doc/dashboard.png)
+![Suricata Dashboard](https://raw.githubusercontent.com/dtag-dev-sec/tpotce/master/docker/suricata/doc/dashboard.png)

docker/suricata/docker-compose.yml

@@ -0,0 +1,18 @@
+# T-Pot (Standard)
+# For docker-compose ...
+version: '2.1'
+
+services:
+
+# Suricata service
+  suricata:
+    container_name: suricata
+    restart: always
+    network_mode: "host"
+    cap_add:
+     - NET_ADMIN
+     - SYS_NICE
+     - NET_RAW
+    image: "dtagdevsec/suricata:1710"
+    volumes:
+     - /data/suricata/log:/var/log/suricata

docker/ui-for-docker/Dockerfile

@@ -1,6 +1,5 @@
 FROM portainer/portainer:latest
 
 ADD favicon.ico /ico
-#ADD small.png /images/logo.png
 
 ENTRYPOINT ["/portainer"]

docker/ui-for-docker/README.md

@@ -1,26 +1,15 @@
-# dockerized portainer (ui-for-docker)
+[![](https://images.microbadger.com/badges/version/dtagdevsec/ui-for-docker:1710.svg)](https://microbadger.com/images/dtagdevsec/ui-for-docker:1710 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/dtagdevsec/ui-for-docker:1710.svg)](https://microbadger.com/images/dtagdevsec/ui-for-docker:1710 "Get your own image badge on microbadger.com")
+
+# portainer
 
 [portainer](http://portainer.io/) Portainer allows you to manage your Docker containers, images, volumes, networks and more ! It is compatible with the standalone Docker engine and with Docker Swarm.
 
-This repository contains the necessary files to create a *dockerized* version of portainer.
-
 This dockerized version is part of the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** of Deutsche Telekom AG.
 
 The `Dockerfile` contains the blueprint for the dockerized portainer and will be used to setup the docker image.  
 
-Using systemd, copy the `systemd/ui-for-docker.service` to `/etc/systemd/system/ui-for-docker.service` and start using
+The `docker-compose.yml` contains the necessary settings to test portainer using `docker-compose`. This will ensure to start the docker container with the appropriate permissions and port mappings.
 
-```
-systemctl enable ui-for-docker
-systemctl start ui-for-docker
-```
+# Portainer UI
 
-This will make sure that the docker container is started with the appropriate permissions and port mappings. Further, it autostarts during boot.
-
-# Portainer Dashboard
-
-![Portainer Dashboard](https://raw.githubusercontent.com/dtag-dev-sec/ui-for-docker/master/doc/dashboard1.png)
-![Portainer Dashboard](https://raw.githubusercontent.com/dtag-dev-sec/ui-for-docker/master/doc/dashboard2.png)
-![Portainer Dashboard](https://raw.githubusercontent.com/dtag-dev-sec/ui-for-docker/master/doc/dashboard3.png)
-![Portainer Dashboard](https://raw.githubusercontent.com/dtag-dev-sec/ui-for-docker/master/doc/dashboard4.png)
-![Portainer Dashboard](https://raw.githubusercontent.com/dtag-dev-sec/ui-for-docker/master/doc/dashboard5.png)
+![Portainer UI](https://raw.githubusercontent.com/dtag-dev-sec/tpotce/master/docker/ui-for-docker/doc/dashboard.png)

docker/ui-for-docker/docker-compose.yml

@@ -0,0 +1,21 @@
+# T-Pot (Standard)
+# For docker-compose ...
+version: '2.1'
+
+networks:
+  ui-for-docker_local:
+
+services:
+
+# Ui-for-docker service
+  ui-for-docker:
+    container_name: ui-for-docker
+    command:  -H unix:///var/run/docker.sock --no-auth
+    restart: always
+    networks:
+     - ui-for-docker_local
+    ports:
+     - "127.0.0.1:64299:9000"
+    image: "dtagdevsec/ui-for-docker:1710"
+    volumes:
+     - /var/run/docker.sock:/var/run/docker.sock

docker/ui-for-docker/systemd/ui-for-docker.service

@@ -1,14 +0,0 @@
-[Unit]
-Description=ui-for-docker
-Requires=docker.service
-After=docker.service
-
-[Service]
-Restart=always
-ExecStartPre=-/usr/bin/docker stop ui-for-docker
-ExecStartPre=-/usr/bin/docker rm -v ui-for-docker
-ExecStart=/usr/bin/docker run --name ui-for-docker --rm=true -v /var/run/docker.sock:/var/run/docker.sock -p 127.0.0.1:64299:9000 dtagdevsec/ui-for-docker:1706 -H unix:///var/run/docker.sock --no-auth
-ExecStop=/usr/bin/docker stop ui-for-docker
-
-[Install]
-WantedBy=multi-user.target

docker/vnclowpot/README.md

@@ -1,4 +1,15 @@
-[![](https://images.microbadger.com/badges/version/dtagdevsec/vnclowpot:1706.svg)](https://microbadger.com/images/dtagdevsec/vnclowpot:1706 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/dtagdevsec/vnclowpot:1706.svg)](https://microbadger.com/images/dtagdevsec/vnclowpot:1706 "Get your own image badge on microbadger.com")
+[![](https://images.microbadger.com/badges/version/dtagdevsec/vnclowpot:1710.svg)](https://microbadger.com/images/dtagdevsec/vnclowpot:1710 "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/dtagdevsec/vnclowpot:1710.svg)](https://microbadger.com/images/dtagdevsec/vnclowpot:1710 "Get your own image badge on microbadger.com")
 
 # vnclowpot
 
+[vnclowpot](https://github.com/magisterquis/vnclowpot) is a low-interaction VNC honeypot with a static challenge.
+
+This dockerized version is part of the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** of Deutsche Telekom AG.
+
+The `Dockerfile` contains the blueprint for the dockerized vnclowpot and will be used to setup the docker image.
+
+The `docker-compose.yml` contains the necessary settings to test vnclowpot using `docker-compose`. This will ensure to start the docker container with the appropriate permissions and port mappings.
+
+# vnclowpot Dashboard
+
+![vnclowpot Dashboard](https://raw.githubusercontent.com/dtag-dev-sec/tpotce/master/docker/vnclowpot/doc/dashboard.png)

docker/vnclowpot/docker-compose.yml

@@ -4,7 +4,7 @@ networks:
   vnclowpot_local:
 
 services:
- 
+
 # vnclowpot service
   vnclowpot:
     container_name: vnclowpot
@@ -13,6 +13,6 @@ services:
      - vnclowpot_local
     ports:
      - "5900:5900"
-    image: "dtagdevsec/vnclowpot:1706"
+    image: "dtagdevsec/vnclowpot:1710"
     volumes:
      - /data/vnclowpot/log:/var/log/vnclowpot