Adds proxy-related options to the default configuration file, with options set to disabled by default. This makes the features more discoverable for new users.
This change adds optional support for running the threat feed server over HTTPS. This is controlled via the configuration file. Depending on the confgiuration, the threat feed may operate over either HTTP or HTTPS, but not both.
The following configuration options are added to the threat feed (the `<threatFeed>` section in the conffguration file):
- `<enableTLS>` - If `true`, the threat feed uses TLS. If `false` or if this is missing, use HTTP.
- `<certPath>` - Path to TLS cert in PEM format.
- `<keyPath>` - Path to private key in PEM format.
Default configuration files are updated to include the new settings. The TLS feature is off by default. Existing user configuration files only need to be updated if this feature is needed. Otherwise, existing configuration files start the threat feed using HTTP as before.
When the threat feed server starts in TLS mode, it automatically generates a self-signed cert if the cert and key files aen't found.
This change removes the `CustomThreatsPath` setting from the threat feed configuration. The default configuration files are updated with this setting removed.
This change removes the 'threat score' feature which allowed users to configure each honeypot server with a variable 'score' when updating the threat feed.
It is replaced with a fixed observation count that is incremented by 1 for each honeypot interaction.
The field `threat_score` has been replaced with `observations` in all API call parameters and threat feed data.
The `threat_score` field in the CSV file has been renamed to `observations`. Existing threat feed CSV files will be automatically updated on the next threat feed save.
This change adjusts the default SSH server version string to `SSH-2.0-OpenSSH_9.6`. This makes SSH honeypots appear as OpenSSH 9.6.
The change is applied both to default configuration files and as an application default when no configuration is provided.
This change updates the default configuration file by removing most comments. Configuration options will be documented separately.
The regex patterns in the default ruleset for HTTP honeypots is simplified.
- Add a default ruleset for HTTP and HTTPS honeypots.
- Restructure XML and add comments for each section.
- Change threat feed default port from 8081 to 9000.
- Change SSH honeypot default port from 2022 to 2222.
- Add example TCP and UDP honeypots.
This change modifies the XML schema for the configuration file. The top-level `logPath` element is renamed to `defaultLogPath`. This adjustment prepares for a future change to allow each server to specify its own log path.
