Open arnydo opened 7 years ago
Everything is up and running but I don't seem to be logging any bistreams.
Logs are going to /data/dionaea/dionaea.log on my host.
Here are the few configs I made:

Dockerfile

```
FROM dinotools/dionaea-docker:0.6
COPY conf/ihandlers/virustotal.yaml /opt/dionaea/etc/dionaea/ihandlers-enabled/
COPY conf/dionaea.cfg /opt/dionaea/etc/dionaea/
```

dionaea.cfg

```
[dionaea]
download.dir=/data/dionaea/binaries/
modules=curl,python,nfq,emu,pcap
processors=filter_emu

listen.mode=getifaddrs
# listen.addresses=127.0.0.1
# listen.interfaces=eth0,tap0

# Country
# ssl.default.c=GB
# Common Name/domain name
# ssl.default.cn=
# Organization
# ssl.default.o=
# Organizational Unit
# ssl.default.ou=

[logging]
default.filename=/data/dionaea/dionaea.log
default.levels=all
default.domains=*

errors.filename=/data/dionaea/dionaea-errors.log
errors.levels=warning,error
errors.domains=*
```

docker run

```
docker run -d \
  -p 21:21 -p 42:42 -p 69:69/udp -p 80:80 -p 135:135 -p 443:443 -p 445:445 \
  -p 1433:1433 -p 1723:1723 -p 1883:1883 -p 1900:1900/udp -p 3306:3306 \
  -p 5060:5060 -p 5060:5060/udp -p 5061:5061 -p 11211:11211 \
  -v /data/dionaea:/data/dionaea my-dionaea
```

permissions

```
[root@ip-x.x.x.x data]# ls -laR
.:
total 12
drwxr-xr-x  3 root    root    4096 Jun 29 03:30 .
dr-xr-xr-x 26 root    root    4096 Jun 29 03:30 ..
drwxr-xr-x  4 dionaea dionaea 4096 Jun 29 12:12 dionaea

./dionaea:
total 184
drwxr-xr-x 4 dionaea dionaea   4096 Jun 29 12:12 .
drwxr-xr-x 3 root    root      4096 Jun 29 03:30 ..
drwxr-xr-x 2 dionaea dionaea   4096 Jun 29 03:33 binaries
drwxr-xr-x 2 dionaea dionaea   4096 Jun 29 12:12 bistreams
-rw-r--r-- 1 root    root       624 Jun 29 12:10 dionaea-errors.log
-rw-r--r-- 1 root    root    167936 Jun 29 13:12 dionaea.log

./dionaea/binaries:
total 8
drwxr-xr-x 2 dionaea dionaea 4096 Jun 29 03:33 .
drwxr-xr-x 4 dionaea dionaea 4096 Jun 29 12:12 ..

./dionaea/bistreams:
total 8
drwxr-xr-x 2 dionaea dionaea 4096 Jun 29 12:12 .
drwxr-xr-x 4 dionaea dionaea 4096 Jun 29 12:12 ..
```