I am after setup clear system TOS5 on Omnia … how do I verify that colletion data is working properly?
There is no data collection section in Foris indicating the correct function. Data collection packages are installed.
There’s only agreement to the terms in reForis. On the page https://view.sentinel.turris.cz/ isn`t still private accounts. My external IP has ports 22, 23 and 80 are opened but other ports 2323, 3128, 8080, 8123 are closed!
I remind you that in the clean installation of TOS 5, I activated the data collection in the prescribed way in reForis. Now I don’t care if it works … but where is status check the data upload of: firewall, haas and minipots.
Port 22 is open, so haas is working as it should, and I can check with [Honeypot as a Service - Login to HaaS. The three sentinel* processes mentioned by you, are enabled and started in the processes.
I need information on how to verify that firewal and minipot data collection is working. I have doubts about this because the ports that should be open (as I was used to with TOS 4) 2323, 3128, 8080, 8123 open do not work. In TOS 4, I had this feature indicated in Foris and haas see at haas.nic.cz.
That’s how the minipot ports number are set changed (comparison with TOS 4). Of the 6 ports listed by you, I have 5 opened (21, 22, 23, 25 and 80) and port 587 is stealth. Unfortunately, which ports are to be opened for minipots is not described in reForis (in TOS 4 it was clearly described which ports will be opened). In the future, it would be a good idea to indicate the correctness of the data sending function somewhere
Apr 23 03:30:10 turris sentinel_nikola: Logrotate took 0.092233 seconds
Apr 23 01:30:10 turris crond[24650]: (root) CMDOUT (Logrotate took 0.092233 seconds)
Apr 23 03:30:10 turris sentinel_nikola: Syslog parsing took 0.068221 seconds
Apr 23 01:30:10 turris crond[24650]: (root) CMDOUT (Syslog parsing took 0.068221 seconds)
Apr 23 03:30:10 turris sentinel_nikola: Records parsed: 99
Apr 23 01:30:10 turris crond[24650]: (root) CMDOUT (Records parsed: 99)
Apr 23 03:30:10 turris sentinel_nikola: Sending records took 0.002242 seconds
So I banned the minipots, restarted router, and reinstall minipots.
then sentinel-minipot … enable and start
Retested opened ports … nad 587 still out of the game. Maybe it is by TOS 5 HBS ready ?
File /usr/libexec/sentinel/minipot-defaults.sh defines only 4 redirecting (i.e. together with HaaS) there should be 5 open ports
It’s the same for me on HBT, but I have a stealth port 587. This config file it is some pre-config pattern, the date of the file is March 4th and is therefore not actively used … You have 587 open?