Release Notes / Changelog
T-Pot 24.04.0 marks probably the largest change in the history of the project. While most of the changes have been made to the underlying platform some changes will be standing out in particular - a T-Pot ISO image will no longer be provided with the benefit that T-Pot will now run on multiple Linux distributions (Alma Linux, Debian, Fedora, OpenSuse, Raspbian, Rocky Linux, Ubuntu), Raspberry Pi (optimized) and macOS / Windows (limited).
New Features
- Distributed Installation is now using NGINX reverse proxy instead of SSH to transmit HIVE_SENSOR logs to HIVE
deploy.sh
, will make the deployment of sensor much easier and will automatically take care of the configuration. You only have to install the T-Pot sensor.- T-Pot Init is the foundation for running T-Pot on multiple Linux distributions and will also ensure to restart containers with failed healthchecks using autoheal
- T-Pot Installer is now mostly Ansible based providing a universal playbook for the most common Linux distributions
- T-Pot Uninstaller allows to uninstall T-Pot, while not recommended for general usage, this comes in handy for testing purposes
- T-Pot Customizer (
compose/customizer.py
) is here to assist you in the creation of a customizeddocker-compose.yml
- T-Pot Landing Page has been redesigned and simplified
- Kibana Dashboards, Objects fully refreshed in favor of Lens based objects
- Wordpot is added as new addition to the available honeypots within T-Pot and will run on
tcp/8080
by default. - Raspberry Pi is now supported using a dedicated
mobile.yml
(why this is called mobile will be revealed soon!) - GeoIP Attack Map is now aware of connects / disconnects and thus eliminating required reloads
- Docker, where possible, will now be installed directly from the Docker repositories to avoid any incompatibilities
.env
now provides a single configuration file for the T-Pot related settingsgenuser.sh
can now be used to add new users to the T-Pot Landing Page as part of the T-Pot configuration file (.env
)
Updates
- Honeypots and tools were updated to their latest pushed code and / or releases
- Where possible Docker Images will now use Alpine 3.19
- Updates will be provided continuously through Docker Images updates
Breaking Changes
- There is no option to migrate a previous installation to T-Pot 24.04.0, you can try to transfer the old
data
folder to the new T-Pot installation, but a working environment depends on too many other factors outside of our control and a new installation is simply faster. - Most of the support scripts were moved into the T-Pot Init image and are no longer available directly on the host.
- Cockpit is no longer available as part of T-Pot itself. However, where supported, you can simply install the
cockpit
package.
Thanks & Credits
- @sp3t3rs, @trixam, for their backend and ews support!
- @cha147 made their first contribution in #1135
- @ctulio made their first contribution in #1187
- @zambroid made their first contribution in #1173
- @kawaiipantsu made their first contribution in #1259
- @tadashi-oya made their first contribution in #1283
- @kauedg made their first contribution in #1338
- @swiftsolves-msft made their first contribution in #1369
- @shark4ce for taking the time to test, debug and offer a solution #1472
History of merged changes
- Fix typos in readme by @cha147 in #1135
- Update some url repos by @ctulio in #1187
- Corrected small typos by @zambroid in #1173
- Update updateip.sh by @kawaiipantsu in #1259
- Fixing uri max size by @kawaiipantsu in #1266
- fix empty myINSTALLPACKAGES by @tadashi-oya in #1283
- call $0 instead of hardcoded script name by @kauedg in #1338
- fixes #1346 by @t3chn0m4g3 in #1351
- Azure Deployment via ARM template by @swiftsolves-msft in #1369
- 24.04 by @t3chn0m4g3 in #1513
Full Changelog: 22.04.0...24.04.0