Telekom Security

Opensourcing our Honeypot Backend (well, parts of it)

The last years we have consistently supported the community by releasing new versions of our multi honeypot platform called T-Pot. This November we are proud to release a new version of T-Pot with exciting new features and …

something more.

Continue Reading →

Kaltura Video Platform - Pre-Auth Remote Code Execution (and XSS)

During an interal pentest several critical vulnerabilities could be identified in the latest version of Kaltura Community and Enterprise. The vulnerabilities were fixed in the latest release 13.2.0.

Update: A proof of concept exploit can be found here.

Continue Reading →

T-Pot Version 16.10 released

In March 2016 we released T-Pot 16.03 and the positive feedback encouraged us to continue development and share all the improvements with the community and are proud to present to you …

Continue Reading →

T-Pot Version 16.03 released

Last year we released T-Pot 15.03 as open source and we received lots of positive feedback and naturally feature requests which encouraged us to continue development and share our work as open source and are proud to present to you …

Continue Reading →

Manual Docker Update for T-Pot (docker-engine 1.10)

Yesterday Docker released version 1.10 (http://blog.docker.com/2016/02/docker-1-10/). While this release will improve on security and bring lots of useful features the automatic upgrade within T-Pot (http://dtag-dev-sec.github.io/feature/2015/10/23/updated-docker.html) will hang.

Continue Reading →

Updated Docker Ubuntu Repository for T-Pot

Last spring we released T-Pot and ever since, Docker evolved rapidly with new versions, new features, and eventually a new repository. With regards to early releases of T-Pot and the fast development of Docker, we manually pinned the Docker versions used to the 1.5.x and 1.6.x branches. Now, with the latest Docker releases and Dockers’ switch to a new repository for Ubuntu (and deprecating the one we have been using), we updated the T-Pot ISO and the GitHub project accordingly.

Continue Reading →

Introduction into T-Pot: A Multi-Honeypot Platform

We created a honeypot platform, which is based on the well-established honeypots glastopf, kippo, honeytrap and dionaea, the network IDS/IPS suricata, elasticsearch-logstash-kibana, ewsposter and some docker magic. We want to make this technology available to everyone who is interested and release it as a Community Edition. We want to encourage you to participate.

Continue Reading →

Brand new Design for our "Sicherheitstacho" (Securitymeter)

We have just now updated our Sicherheitstacho to be able to show the data from the community honeypots. Just follow this link.

Continue Reading →