b3b983afe6  2021-01-06 11:14:24 +01:00
    Change method to get default Suricata interface

    On some systems, interface number 2 is not always the correct one.
    With AWK we now collect the first active interface having both an
    address and a broadcast.

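The commit above replaces a fixed "interface number 2" with the first active interface that carries both an address and a broadcast. The shell snippet below is an added illustration of that selection, not code from the T-Pot repository: it runs an awk filter over lines in the shape of `ip -o -4 addr show` output. The interface names and addresses are constructed, the index-based pick is a hypothetical stand-in for the old assumption (the page does not show T-Pot's original or new awk program), and `default_iface` is an assumed wrapper for use on a live host.

```shell
#!/bin/sh
# Added illustration (not T-Pot code): choose the capture interface as the
# first UP interface that has both an IPv4 address and a broadcast address,
# instead of trusting whatever interface has index 2.

# Constructed sample in the shape of `ip -o -4 addr show up` output.
# Index 2 is a point-to-point tunnel: it has an address but no broadcast,
# so an index-based pick would hand Suricata the wrong interface.
SAMPLE_IP_OUTPUT='1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
2: tun0    inet 10.8.0.2 peer 10.8.0.1/32 scope global tun0\       valid_lft forever preferred_lft forever
3: ens3    inet 192.0.2.10/24 brd 192.0.2.255 scope global dynamic ens3\       valid_lft 85000sec preferred_lft 85000sec
4: docker0    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0\       valid_lft forever preferred_lft forever'

# Reads `ip -o -4 addr` lines on stdin and prints the name ($2) of the first
# line that has an "inet" address and a "brd" broadcast field, then stops.
first_iface_with_addr_and_brd() {
  awk '$3 == "inet" { for (i = 4; i <= NF; i++) if ($i == "brd") { print $2; exit } }'
}

# Hypothetical index-based pick, standing in for the "interface number 2"
# assumption the commit message moves away from. Shown only for contrast.
iface_by_index_2() {
  awk '$1 == "2:" { print $2; exit }'
}

# Assumed wrapper for a live host: `show up` restricts the listing to
# interfaces that are administratively UP, i.e. "active".
default_iface() {
  ip -o -4 addr show up | first_iface_with_addr_and_brd
}

printf '%s\n' "$SAMPLE_IP_OUTPUT" | iface_by_index_2               # tun0
printf '%s\n' "$SAMPLE_IP_OUTPUT" | first_iface_with_addr_and_brd  # ens3
```

On a Docker host the bridge (docker0 in the sample) also carries a broadcast address and is UP, so this rule depends on the physical NIC being listed before the bridge; check the result of `default_iface` before wiring it into a sensor configuration.
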
273cab4759  2021-01-05 16:03:42 +01:00
    Update general-issue-for-t-pot.md

e1745bdea1  2020-12-28 21:49:28 +00:00
    fix broken sqlite db

c34570f665  2020-12-28 20:54:09 +00:00
    remove docker parallel pulls

020cbb5355  2020-12-28 20:37:47 +00:00
    avoid ghcr.io because of slow transfers

aea14c9ead  2020-12-28 17:46:05 +00:00
    docker pull background

b57f6ddd1e  2020-12-28 10:40:19 +00:00
    remove netselect-apt

    causes too many unpredictable errors
    #733 as the latest example

af6ce8854d  2020-12-10 15:20:18 +00:00
    bump elastic stack to 7.10.1

6069b214a5  2020-12-10 11:40:53 +00:00
    bump ewsposter to 1.12

252051dfe7  2020-12-04 15:41:27 +01:00
    Merge pull request #731 from shaderecker/patch-1

    More Python 3 stuff

f9fa1bcc74  2020-12-04 14:42:32 +01:00
    Fix setup on Debian

    On Debian, the preinstalled packages are not the same as on Ubuntu.
    Fix the compilation of netifaces, which requires gcc and python3-dev.

f3f9f6ae72  2020-12-03 00:01:38 +00:00
    cleanup

bdf095367d  2020-12-02 23:21:23 +00:00
    prep for ewsposter 1.11

4abb0e5ce6  2020-12-02 23:56:54 +01:00
    Missed this one

    Python 3 is our friend :D

ba87ebfdaa  2020-12-02 22:54:54 +00:00
    update objects for Elastic Stack 7.10.0

8a7e81815e  2020-12-02 22:36:17 +00:00
    prep for Elastic Stack 7.10.0

17eff81e9c  2020-11-30 20:06:05 +01:00
    Merge pull request #728 from shaderecker/patch-1

    Update pip dependency to Python3

f8f1bc1757  2020-11-30 20:05:24 +01:00
    Merge pull request #727 from adepasquale/suricata-update

    Suricata: use suricata-update for rule management

87a27e4f2b  2020-11-30 17:56:14 +01:00
    Suricata: use suricata-update for rule management

    As a bonus we can now run "suricata-update" using docker-exec,
    triggering both a rule update and a Suricata rule reload.

7f8f3a01c3  2020-11-30 17:27:28 +01:00
    Update pip dependency to Python3

2ecef8c607  2020-11-27 19:07:12 +01:00
    enable MQTT

    as eagle-eyed by @adepasquale

d992a25a0a  2020-11-27 18:55:57 +01:00
    Merge pull request #726 from adepasquale/suricata-yaml-6.0.x

    Suricata: update suricata.yaml config to 6.0.x

73a5847753  2020-11-26 19:16:01 +01:00
    Suricata: update suricata.yaml config to 6.0.x

    Merge in the latest updates from suricata-6.0.x while at the same time
    keeping the custom T-Pot configuration.
    https://github.com/OISF/suricata/blob/suricata-6.0.0/suricata.yaml.in

c976aea73e  2020-11-26 16:23:50 +01:00
    Merge pull request #725 from adepasquale/suricata-yaml-5.x

    Suricata: update suricata.yaml config to 5.x

4ada38988c  2020-11-26 08:17:09 +00:00
    bump cowrie to 2.2.0

0010f99662  2020-11-25 17:07:49 +01:00
    Suricata: disable eve.stats since it's unused

    Prevent the error below by disabling stats globally and in eve-log:
    <Error> - [ERRCODE: SC_ERR_STATS_LOG_GENERIC(278)] - eve.stats: stats are disabled globally: set stats.enabled to true.

e2f76c44cb  2020-11-25 15:51:41 +01:00
    Suricata: update suricata.yaml config to 5.x

    Merge in the latest updates from suricata-5.x while at the same time
    keeping the custom T-Pot configuration.
    https://github.com/OISF/suricata/blob/master-5.0.x/suricata.yaml.in

e26853c7fa  2020-10-28 17:53:23 +00:00
    bump suricata to 5.0.4

d64cbe6741  2020-10-28 17:34:28 +00:00
    bump ipphoney to latest master

c3809b5a98  2020-10-28 17:27:09 +00:00
    bump heralding to latest master

a3d40cc57c  2020-10-28 17:08:55 +00:00
    bump spiderfoot to 3.2.1

e3fda4d464  2020-10-28 16:45:53 +00:00
    bump dionaea to 0.9.2

4bf245d13b  2020-10-28 13:56:52 +00:00
    bump conpot to latest master

92925cecbd  2020-10-27 21:30:33 +00:00
    bump dicompot to latest master

f204cdf9b8  2020-10-27 19:43:32 +00:00
    bump elk to 7.3

ff4a394e3b  2020-10-15 12:24:46 +00:00
    reverting elk to 7.9.1

ce7b79b71a  2020-10-15 13:37:11 +02:00
    Merge pull request #707 from brianlechthaler/patch-3

    Bump Elastic dependencies to 7.9.2

b28cc2edd0  2020-10-15 09:14:30 +00:00
    prepare for new ewsposter

84a741ec64  2020-10-07 13:53:21 -07:00
    IMPORTANT: Fix Node Version

    Bump node version to `10.22.1-alpine`
    **KIBANA WILL NOT WORK WITHOUT THIS**

6b37578d8d  2020-10-07 14:28:19 +02:00
    Merge pull request #706 from brianlechthaler/patch-2

    Debian 10.6 AMI + Add AWS Regions

d351a89096  2020-10-04 18:05:16 -07:00
    Bump Kibana version to 7.9.2

488da48df7  2020-10-04 18:04:15 -07:00
    Bump Logstash version to 7.9.2

85da099cd0  2020-10-04 18:03:00 -07:00
    Bump Elasticsearch to 7.9.2

bd8a9ca92d  2020-10-03 22:22:57 -07:00
    Debian 10.6 AMI + Add AWS Regions

    # Changes:
    1) 🇿🇦 Add AWS Capetown, South Africa Region (`af-south-1`)
    2) 🇮🇹 Add AWS Milan, Italy Region (`eu-south-1`)
    3) Bump all AMIs to Debian Buster 10.6
    # References:
    1) Debian 10 (Buster) Wiki Article on Official EC2 Images: https://wiki.debian.org/Cloud/AmazonEC2Image/Buster?action=recall&rev=16
    2) For information on Debian 10.6, see: https://www.debian.org/News/2020/20200926
    3) Official AWS Documentation on Regions and Zones can be found here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html

1afbb89ef4  2020-09-08 20:08:28 +02:00
    Merge pull request #691 from brianlechthaler/patch-1

    Update Suricata Capture Filter for New Docker Repo

b1d8e293de  2020-09-08 10:45:58 -07:00
    add DockerHub back in cap filter

    see https://github.com/telekom-security/tpotce/pull/691#issuecomment-688648225

7fdf9edb60  2020-09-07 19:57:15 -07:00
    Update Suricata Capture Filter for New Docker Repo

0e7abb8d2c  2020-09-07 15:46:52 +00:00
    restore mibfix for conpot

2bac239763  2020-09-04 18:59:15 +02:00
    fix version string for update check

a90f135f06  2020-09-04 18:55:54 +02:00
    Merge pull request #690 from telekom-security/ghcr

    Move to GitHub Container Registry, Cleanup, Bump ELK stack to 7.9.1