feat: final working demo Dockerfiles

Demo/Dockerfiles/Dockerfile.attaquant

@@ -2,8 +2,9 @@ FROM python:alpine3.20
 
 # Installation des paquets nécessaires pour scapy
 RUN apk -U upgrade && \
-    apk add --no-cache libpcap libpcap-dev gcc musl-dev libffi-dev nmap iproute2
-RUN pip install scapy
+    apk add --no-cache nmap iproute2
+RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories
+RUN apk -U add --no-cache hping3
 
 COPY Demo/Dockerfiles/attaquant-entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh

Demo/Dockerfiles/Dockerfile.cible

@@ -1,15 +1,9 @@
-FROM python:alpine3.20
+FROM httpd:alpine
 
-# Installation des paquets nécessaires pour scapy
-RUN apk -U upgrade && \
-    apk add --no-cache libpcap libpcap-dev gcc musl-dev libffi-dev iproute2
-RUN pip install scapy
+# Installation des paquets nécessaire pour le routage
+RUN apk -U upgrade && apk add --no-cache iproute2
 
 COPY Demo/Dockerfiles/cible-entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
 ENTRYPOINT ["/entrypoint.sh"]
-# Copier le script de détection d'attaques
-#COPY cible.py /cible.py
-
-# Lancer le script de détection
-#CMD ["python", "/cible.py"]
+CMD ["httpd-foreground"]

Demo/Dockerfiles/Dockerfile.idps

@@ -16,7 +16,7 @@ WORKDIR /app
 COPY idps /app/idps
 
 # Copie du fichier de configuration
-COPY config.json /app/config.json
+COPY Demo/config/config-idps.json /app/config.json
 
 # Utiliser le script comme point d'entrée
 ENTRYPOINT ["/entrypoint.sh"]

Demo/Dockerfiles/Dockerfile.ids

@@ -12,7 +12,7 @@ WORKDIR /app
 COPY idps /app/ids
 
 # Copie du fichier de configuration
-COPY config.json /app/config.json
+COPY Demo/config/config-ids.json /app/config.json
 
 # Lancer le script de la sonde IDS
-CMD ["python3", "/app/ids/ids.py"]
+CMD ["python3", "/app/ids/main.py"]

Demo/config/config-idps.json

@@ -0,0 +1,31 @@
+{
+	"rules_dirpath": "/app/idps/rules",
+	"ifaces": ["eth1"],
+	"db_host": "172.20.3.10",
+	"db_database": "sidps",
+	"db_user": "sidps",
+	"db_password": "SUPERPASSWORD",
+	"db_port": "3306",
+	"cef_version": 1,
+	"device_product": "SIDPS", 
+	"device_vendor": "ArKa",
+	"device_version": "vAlpha",
+	"synscan_time": 180,
+	"synscan_count": 5,
+	"tcpconnectscan_time": 180,
+	"tcpconnectscan_count": 5,
+	"ackscan_time": 180,
+	"ackscan_count": 5,
+	"finscan_time": 180,
+	"finscan_count": 5,
+	"nullscan_time": 180,
+	"nullscan_count": 5,
+	"xmasscan_time": 180,
+	"xmasscan_count": 5,
+	"synflood_time": 60,
+	"synflood_count": 100,
+	"tcpconnectflood_time": 60,
+	"tcpconnectflood_count": 100,
+	"syndos_time": 60,
+	"syndos_count": 100
+}

Demo/config/config-ids.json

@@ -0,0 +1,31 @@
+{
+	"rules_dirpath": "/app/ids/rules",
+	"ifaces": ["br-c56b595383ad"],
+	"db_host": "172.20.3.10",
+	"db_database": "sidps",
+	"db_user": "sidps",
+	"db_password": "SUPERPASSWORD",
+	"db_port": "3306",
+	"cef_version": 1,
+	"device_product": "Sonde IDS", 
+	"device_vendor": "ArKa",
+	"device_version": "vAlpha",
+	"synscan_time": 180,
+	"synscan_count": 5,
+	"tcpconnectscan_time": 180,
+	"tcpconnectscan_count": 5,
+	"ackscan_time": 180,
+	"ackscan_count": 5,
+	"finscan_time": 180,
+	"finscan_count": 5,
+	"nullscan_time": 180,
+	"nullscan_count": 5,
+	"xmasscan_time": 180,
+	"xmasscan_count": 5,
+	"synflood_time": 60,
+	"synflood_count": 100,
+	"tcpconnectflood_time": 60,
+	"tcpconnectflood_count": 100,
+	"syndos_time": 60,
+	"syndos_count": 100
+}

Demo/docker-compose.yml

@@ -20,7 +20,6 @@ services:
       context: ..
       dockerfile: Demo/Dockerfiles/Dockerfile.idps
     container_name: idps
-    command: sleep infinity
     cap_add:
       - NET_ADMIN
       - NET_RAW
@@ -39,7 +38,6 @@ services:
       context: ..
       dockerfile: Demo/Dockerfiles/Dockerfile.cible
     container_name: cible
-    command: sleep infinity
     cap_add:
       - NET_ADMIN
     networks:
@@ -67,7 +65,6 @@ services:
       context: ..
       dockerfile: Demo/Dockerfiles/Dockerfile.ids
     container_name: ids
-    command: sleep infinity
     cap_add:
       - NET_ADMIN
       - NET_RAW