- HPFEEDS Opt-In commandline option
- Pass a hpfeeds config file as a commandline argument
- hpfeeds config is saved in
/data/ews/conf/hpfeeds.cfg - Update script restores hpfeeds config
- Finalize Fatt support
- Build visualizations, searches, dashboards
- Rebuild index patterns
- Some finishing touches
- Start supporting Fatt, remove Glastopf
- Build Dockerfile, Adjust logstash, installer, update and such.
- Glastopf is no longer supported within T-Pot
- Increase total number of fields
- Adjust total number of fileds for logstash templae from 1000 to 2000.
- Fix build for Cowrie
- Upstream changes required a new package
py-bcrypt.
- Upstream changes required a new package
- Fix build for RDPY
- Building was prevented due to cache error which occurs lately on Alpine if
apkis using `--no-ache' as options.
- Building was prevented due to cache error which occurs lately on Alpine if
- Adjust permissions for /data folder
- Now it is possible to download files from
/datausing SCP, WINSCP or CyberDuck.
- Now it is possible to download files from
- Added Ansible T-Pot Deployment on Open Telekom Cloud
- Reusable Ansible Playbooks for all cloud providers
- Example Showcase with our Open Telekom Cloud
- Add hptest script
- Quickly test if the honeypots are working with
hptest.sh <[ip,host]>based on nmap.
- Quickly test if the honeypots are working with
- Add tsec / install user to tpot group
- For users being able to easily download logs from the /data folder the installer now adds the
tpotor the logged in user (who am i) viausermod -a -G tpot <user>to the tpot group. Also /data permissions will now be enforced to770, which is necessary for directory listings.
- For users being able to easily download logs from the /data folder the installer now adds the
- Fix KVPs
- Some KVPs for Cowrie changed and the tagcloud was not showing any values in the Cowrie dashboard.
- New installations are not affected, however existing installations need to import the objects from /opt/tpot/etc/objects/kibana-objects.json.zip.
- Makeiso
- Move to Xorriso for building the ISO image.
- This allows to support most of the Debian based distros, i.e. Debian, MxLinux and Ubuntu.
- Rebuild ISO
- The install ISO needed a rebuilt after some changes in the Debian mirrors.
- Disable Netselect
- After some reports in the issues that some Debian mirrors were not fully synced and thus some packages were unavailable the netselect-apt feature was disabled.
- Fix for SSH
- In some situations the SSH Port was not written to a new line (thanks to @dpisano for reporting).
- Fix race condition for apt-fast
- Curl and wget need to be installed before apt-fast installation.
- Fix #332
- If T-Pot, opposed to the requirements, does not have full internet access netselect-apt fails to determine the fastest mirror as it needs ICMP and UDP outgoing. Should netselect-apt fail the default mirrors will be used.
- Improve install speed with apt-fast
- Migrating from a stable base install to Debian (Sid) requires downloading lots of packages. Depending on your geo location the download speed was already improved by introducing netselect-apt to determine the fastest mirror. With apt-fast the downloads will be even faster by downloading packages not only in parallel but also with multiple connections per package.