Skip to content

@t3chn0m4g3 t3chn0m4g3 released this Apr 1, 2019 · 21 commits to master since this release

Release Notes

  • Move from Ubuntu 18.04 to Debian (Sid)
    • For almost 5 years Ubuntu LTS versions were our distributions of choice. Last year we made a design choice for T-Pot to be closer to a rolling release model and thus allowing us to issue smaller changes and releases in a more timely manner. The distribution of choice is Debian (Sid / unstable) which will provide us with the latest advancements in a Debian based distribution.
  • Include HoneyPy honeypot
    • HoneyPy is now included in the NEXTGEN installation type
  • Include Suricata 4.1.3
    • Building Suricata 4.1.3 from scratch to enable JA3 and overall better protocol support.
  • Update tools to the latest versions
    • ELK Stack 6.6.2
    • CyberChef 8.27.0
    • SpiderFoot v3.0
    • Cockpit 188
    • NGINX is now built to enforce TLS 1.3 on the T-Pot WebUI
  • Update honeypots
    • Where possible / feasible the honeypots have been updated to their latest versions.
    • Cowrie now supports HASSH generated hashes which allows for an easier identification of an attacker accross IP adresses.
    • Heralding now supports SOCKS5 emulation.
  • Update Dashboards & Visualizations
    • Offset Dashboard added to easily spot changes in attacks on a single dashboard in 24h time window.
    • Cowrie Dashboard modified to integrate HASSH support / visualizations.
    • HoneyPy Dashboard added to support latest honeypot addition.
    • Suricata Dashboard modified to integrate JA3 support / visualizations.
  • Debian mirror selection
    • During base install you now have to manually select a mirror.
    • Upon T-Pot install the mirror closest to you will be determined automatically.
    • This solves peering problems for most of the users speeding up installation and updates.
  • Bugs
    • Fixed issue #298 where the import and export of objects on the shell did not work.
    • Fixed issue #313 where Spiderfoot raised a KeyError, which was previously fixed in upstream.
    • Fixed error in Suricata where path for reference.config changed.
  • Release Cycle
    • As far as possible we will integrate changes now faster into the master branch, eliminating the need for monolithic releases. The update feature will be continuously improved on that behalf. However this might not account for all feature changes.
  • HPFEEDS Opt-In
    • If you want to share your T-Pot data with a 3rd party HPFEEDS broker such as SISSDEN you can do so by creating an account at the SISSDEN portal and run hpfeeds_optin.sh on T-Pot.
  • Update Feature
    • For the ones who like to live on the bleeding edge of T-Pot development there is now an update script available in /opt/tpot/update.sh.
    • This feature is beta and is mostly intended to provide you with the latest development advances without the need of reinstalling T-Pot.
  • Deprecated tools
    • ctop will no longer be part of T-Pot.
Assets 4
You can’t perform that action at this time.