Skip to content

Commit

Permalink
In which our hero adds a tagged version to the UHP repo to pull and f…
Browse files Browse the repository at this point in the history
…ixes the pre-commit-config

Signed-off-by: Jesse Bowling <[email protected]>
  • Loading branch information
JesseBowling authored and Jesse Bowling committed Dec 13, 2018
1 parent cc4e572 commit 1e2f0b3
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 3 deletions.
2 changes: 1 addition & 1 deletion .pre-commit-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,4 +8,4 @@ repos:
- repo: https://github.com/adrienverge/yamllint.git
rev: v1.13.0
hooks:
- id: yamllint
- id: yamllint
13 changes: 11 additions & 2 deletions docs/prod_security.md
Original file line number Diff line number Diff line change
Expand Up @@ -152,7 +152,14 @@ services:
redis:
...
```
## Administrivia

You may find yourself in need to recovering the current DEPLOY_KEY in cases
where the server storage is lost or the container fully rebuilt (and the
honeypots already deployed need the new key to connect). Simply run the
following command on the server VM to recover the key:

docker-compose exec chnserver awk '/DEPLOY_KEY/' /opt/config.py

# Security

Expand All @@ -164,9 +171,11 @@ with the FQDN of the server (including the https:// stem), CHN can and will use

For example:
```bash
SERVER_BASE_URL='https://chn.my.org'
SERVER_BASE_URL='https://chn.my.org
```
It is also recommended that
Please note that using https with 'localhost' or an IP address will result in
a self-signed cert, as Certbot will not issue certificates for IP addresses
or localhost.
## Firewall
In order for honeypots to register and log data to the management server, the following inbound ports need to be open on the server and reachable by the honeypots:
Expand Down
2 changes: 2 additions & 0 deletions docs/uhp.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
UHP Honeypot
===============
__** WARNING: This honeypot is currently in ALPHA support for CHN and is not
likely suitable for production use at this time **__

The CommunityHoneyNetwork UHP Honeypot is an implementation of [@MattCarothers's UHP](https://github.com/MattCarothers/uhp), configured to report logged attacks to the CommunityHoneyNetwork management server.

Expand Down

0 comments on commit 1e2f0b3

Please sign in to comment.