telekom-security / tpotce

🍯 T-Pot - The All In One Multi Honeypot Platform 🐝
GNU General Public License v3.0
6.81k stars 1.08k forks

More Industrial Honeypots? #1651

Closed UncleRaymondo closed 1 month ago

UncleRaymondo commented 1 month ago

Hi @t3chn0m4g3,

Long time no hear, my friend; I hope you are doing well!

Quickly, I've just deployed the latest TPOT, but I'm not seeing much around the industrial honeypots. I remember back in 2017/2018, I helped reconfigure Conpot to work with other protocols, and I can still see in the config that ports 502 Modbus and 47808 Bacnet are assigned to it but not configured. I then recall the discussion where you were moving to Kamstrup, which I now see as conpot_kamstrup_382.

Is there an easy way to activate these? Is it as easy as copying the template files from https://github.com/mushorg/conpot/tree/master/conpot/templates/default and creating configs and networks for each under the conpot.cfg and other files just like the others are configured?

I have an OT seminar I'm delivering in KSA in a couple of days and it would be good to add more of an industrial flavour to the available honeypots :)

Thanks in advance!

Cheers, Ray

t3chn0m4g3 commented 1 month ago

Hi @UncleRaymondo,

I have not tried it in a while (I remember we had an issue with it, but I cannot remember what it was), however this would be the service config in docker-compose.yml:

  # Conpot default service
  conpot_default:
    container_name: conpot_default
    restart: always
    environment:
     - CONPOT_CONFIG=/etc/conpot/conpot.cfg
     - CONPOT_JSON_LOG=/var/log/conpot/conpot_default.json
     - CONPOT_LOG=/var/log/conpot/conpot_default.log
     - CONPOT_TEMPLATE=default
     - CONPOT_TMP=/tmp/conpot
    tmpfs:
     - /tmp/conpot:uid=2000,gid=2000
    networks:
     - conpot_local_default
    ports:
     - "69:69/udp"
     - "80:80"
     - "102:102"
     - "161:161/udp"
     - "502:502"
     - "623:623/udp"
     - "21:21"
     - "44818:44818"
     - "47808:47808/udp"
    image: "dtagdevsec/conpot:2404"
    read_only: true
    volumes:
     - /data/conpot/log:/var/log/conpot

Hope this helps and good luck for the seminar!

All the best, Marco.
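
An added example, not part of the thread or the tpotce project: a pre-deployment check for a compose file after pasting in a service like the one above. It reports host ports published by more than one service and service networks missing from the top-level `networks:` section. The function name `audit_compose`, the service `other_honeypot` and the network `other_local` are constructed for illustration, and the parser assumes the indentation layout of the snippet above.

```python
import re
from collections import defaultdict
# Constructed sample: some conpot_default ports from the comment above plus a
# hypothetical service ("other_honeypot") that already publishes 80/tcp.
SAMPLE = """\
networks:
  other_local:
services:
  other_honeypot:
    networks:
     - other_local
    ports:
     - "80:80"
  conpot_default:
    networks:
     - conpot_local_default
    ports:
     - "80:80"
     - "502:502"
     - "47808:47808/udp"
"""

def audit_compose(text):
    """Return (port_collisions, undefined_networks) for compose text."""
    top = svc = key = None
    defined, used, ports = set(), defaultdict(set), defaultdict(list)
    for raw in text.splitlines():
        body = raw.strip()
        if not body or body.startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip())
        m = re.match(r"([\w.-]+):(\s|$)", body)
        if body.startswith("-"):               # list item under the current key
            val = body[1:].strip().strip("\"'")
            p = re.fullmatch(r"(?:[\d.]+:)?(\d+):\d+(?:/(\w+))?", val)
            if svc and key == "networks":
                used[svc].add(val)
            elif svc and key == "ports" and p:  # (host port, protocol) -> services
                ports[(int(p.group(1)), p.group(2) or "tcp")].append(svc)
        elif m and indent == 0:                # top-level section
            top, svc, key = m.group(1), None, None
        elif m and indent == 2:                # network definition or service name
            if top == "networks":
                defined.add(m.group(1))
            svc, key = (m.group(1) if top == "services" else None), None
        elif m and indent == 4:                # key inside a service
            key = m.group(1)
    collisions = {k: v for k, v in ports.items() if len(v) > 1}
    undefined = {s: sorted(n - defined) for s, n in used.items() if n - defined}
    return collisions, undefined
```

Calling `audit_compose(open("docker-compose.yml").read())` before bringing the stack up lists any port already bound by another honeypot and any network that still has to be declared.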

github-actions[bot] commented 1 month ago

This issue has been marked as stale because it has had no activity for 7 days. If you are still experiencing this issue, please comment or it will be closed in 7 days.