Skip to content
  • 20.06.1
  • 2bac239
  • Compare
    Choose a tag to compare
    Search for a tag
  • 20.06.1
  • 2bac239
  • Compare
    Choose a tag to compare
    Search for a tag

@t3chn0m4g3 t3chn0m4g3 released this Sep 4, 2020 · 4 commits to master since this release

20200904

  • Release T-Pot 20.06.1

    • Github offers a free Docker Container Registry for public packages. For our Open Source projects we want to make sure to have everything in one place and thus moving from Docker Hub to the GitHub Container Registry.
  • Bump Elastic Stack

    • Update the Elastic Stack to 7.9.1.
  • Rebuild Images

    • All docker images were rebuilt based on the latest (and stable running) versions of the tools and honeypots and have been pinned to specific Alpine / Debian versions and git commits so rebuilds will less likely fail.
  • Cleaning up

    • Clean up old references and links.
  • Upgrade from 20.06.0

    • You can upgrade from T-Pot 20.06.0 by using /opt/tpot/update.sh.
    • Make sure you allow docker traffic to the GitHub Container Registry ghcr.io.
Assets 4
  • 20.06.0
  • 3badae5
  • Compare
    Choose a tag to compare
    Search for a tag
  • 20.06.0
  • 3badae5
  • Compare
    Choose a tag to compare
    Search for a tag

@t3chn0m4g3 t3chn0m4g3 released this Jun 30, 2020 · 37 commits to master since this release

Release Notes

Upgrade from 19.03.x

  • If you are running T-Pot 19.x you can upgrade to T-Pot 20.06.0 by running /opt/tpot/update.sh. Please be aware upgrades can break things, so please backup all of your data or take snapshot of your machine before you run the update procedure.
  • To protect possible changes of your Kibana objects you need to manually export (backup) your objects and manually import (overwrite) the provided T-Pot Kibana Objects after upgrading.

Changelog

  • Release T-Pot 20.06.0
    • After 4 months of public testing with the NextGen edition T-Pot 20.06 can finally be released.
  • Debian Buster
    • With the release of Debian Buster T-Pot now has access to all packages required right out of the box.
  • Add new honeypots
    • Dicompot by @nsmfoo is a low interaction honeypot for the Dicom protocol which is the international standard to process medical imaging information. Together with Medpot which supports the HL7 protocol T-Pot is now offering a Medical Installation type.
    • Honeysap by SecureAuthCorp is a low interaction honeypot for the SAP services, in case of T-Pot configured for the SAP router.
    • Elasticpot by Vesselin Bontchev replaces ElasticpotPY as a low interaction honeypot for Elasticsearch with more features, plugins and scripted responses.
  • Rebuild Images
    • All docker images were rebuilt based on the latest (and stable running) versions of the tools and honeypots. Mostly the images now run on Alpine 3.12 / Debian Buster. However some honeypots / tools still reuire Alpine 3.11 / 3.10 to run properly.
  • Install Types
    • All docker-compose files (/opt/tpot/etc/compose) were remixed and most of the NextGen honeypots are now available in Standard.
    • There is now a Medical Installation Type with Dicompot and Medpot which will be of most interest for medical institutions to get started with T-Pot.
  • Update Tools
    • Connecting to T-Pot via https://<ip>:64297 brings you to the T-Pot Landing Page now which is based on Heimdall and the latest NGINX enforcing TLS 1.3.
    • The ELK stack was updated to 7.8.0 and stripped down to the necessary core functions (where possible) for T-Pot while keeping ELK RAM requirements to a minimum (8GB of RAM is recommended now). The number of index pattern fields was reduced to 697 which increases performance significantly. There are 22 Kibana Dashboards, 397 Kibana Visualizations and 24 Kibana Searches readily available to cover all your needs to get started and familiar with T-Pot.
    • Cyberchef was updated to 9.21.0.
    • Elasticsearch Head was updated to the latest version available on GitHub.
    • Spiderfoot was updated to latest 3.1 dev.
  • Landing Page
    • After logging into T-Pot via web you are now greeted with a beautifully designed landing page.
  • Countless Tweaks and improvements
    • Under the hood lots of tiny tweaks, improvements and a few bugfixes will increase your overall experience with T-Pot.
Assets 4
  • 19.03.3
  • e588e62
  • Compare
    Choose a tag to compare
    Search for a tag
  • 19.03.3
  • e588e62
  • Compare
    Choose a tag to compare
    Search for a tag

@t3chn0m4g3 t3chn0m4g3 released this Mar 16, 2020 · 114 commits to master since this release

This is a maintenance release moving from Debian Sid to Debian Stable.

Assets 2

@t3chn0m4g3 t3chn0m4g3 released this Aug 2, 2019 · 308 commits to master since this release

Release Notes

  • Adding support to install T-Pot upon Debian Buster.
  • Moving base installation of ISO from Debian Stretch to Debian Buster.
  • In both cases installation will be upgraded to Debian Sid.
  • Detailed changes can be reviewed in the changelog.
Assets 2
  • 19.03
  • ecb2b4a
  • Compare
    Choose a tag to compare
    Search for a tag
  • 19.03
  • ecb2b4a
  • Compare
    Choose a tag to compare
    Search for a tag

@t3chn0m4g3 t3chn0m4g3 released this Apr 1, 2019 · 493 commits to master since this release

Release Notes

  • Move from Ubuntu 18.04 to Debian (Sid)
    • For almost 5 years Ubuntu LTS versions were our distributions of choice. Last year we made a design choice for T-Pot to be closer to a rolling release model and thus allowing us to issue smaller changes and releases in a more timely manner. The distribution of choice is Debian (Sid / unstable) which will provide us with the latest advancements in a Debian based distribution.
  • Include HoneyPy honeypot
    • HoneyPy is now included in the NEXTGEN installation type
  • Include Suricata 4.1.3
    • Building Suricata 4.1.3 from scratch to enable JA3 and overall better protocol support.
  • Update tools to the latest versions
    • ELK Stack 6.6.2
    • CyberChef 8.27.0
    • SpiderFoot v3.0
    • Cockpit 188
    • NGINX is now built to enforce TLS 1.3 on the T-Pot WebUI
  • Update honeypots
    • Where possible / feasible the honeypots have been updated to their latest versions.
    • Cowrie now supports HASSH generated hashes which allows for an easier identification of an attacker accross IP adresses.
    • Heralding now supports SOCKS5 emulation.
  • Update Dashboards & Visualizations
    • Offset Dashboard added to easily spot changes in attacks on a single dashboard in 24h time window.
    • Cowrie Dashboard modified to integrate HASSH support / visualizations.
    • HoneyPy Dashboard added to support latest honeypot addition.
    • Suricata Dashboard modified to integrate JA3 support / visualizations.
  • Debian mirror selection
    • During base install you now have to manually select a mirror.
    • Upon T-Pot install the mirror closest to you will be determined automatically.
    • This solves peering problems for most of the users speeding up installation and updates.
  • Bugs
    • Fixed issue #298 where the import and export of objects on the shell did not work.
    • Fixed issue #313 where Spiderfoot raised a KeyError, which was previously fixed in upstream.
    • Fixed error in Suricata where path for reference.config changed.
  • Release Cycle
    • As far as possible we will integrate changes now faster into the master branch, eliminating the need for monolithic releases. The update feature will be continuously improved on that behalf. However this might not account for all feature changes.
  • HPFEEDS Opt-In
    • If you want to share your T-Pot data with a 3rd party HPFEEDS broker such as SISSDEN you can do so by creating an account at the SISSDEN portal and run hpfeeds_optin.sh on T-Pot.
  • Update Feature
    • For the ones who like to live on the bleeding edge of T-Pot development there is now an update script available in /opt/tpot/update.sh.
    • This feature is beta and is mostly intended to provide you with the latest development advances without the need of reinstalling T-Pot.
  • Deprecated tools
    • ctop will no longer be part of T-Pot.
Assets 2
Pre-release

@t3chn0m4g3 t3chn0m4g3 released this Feb 19, 2019

This release is deprecated. Installation will leave you with a non-working installation.

Assets 2
Jan 28, 2019
Update update.sh

@t3chn0m4g3 t3chn0m4g3 released this Dec 7, 2018 · 629 commits to master since this release

This release is deprecated. Installation will leave you with a non-working installation.

Assets 2
  • 17.10
  • a370ae5
  • Compare
    Choose a tag to compare
    Search for a tag
  • 17.10
  • a370ae5
  • Compare
    Choose a tag to compare
    Search for a tag

@t3chn0m4g3 t3chn0m4g3 released this Nov 7, 2017 · 915 commits to master since this release

This release is deprecated. Installation will leave you with a non-working installation.

Assets 2
Pre-release

@t3chn0m4g3 t3chn0m4g3 released this Oct 19, 2017 · 925 commits to master since this release

T-Pot 17.10 Beta.

This release is deprecated. Installation will leave you with a non-working installation.

Assets 2
You can’t perform that action at this time.