How To Quickly Run a Basic Security Audit Against Docker & Secure the Docker Daemon

How To Quickly Run a Basic Security Audit Against Docker & Secure the Docker Daemon

by Eliza May Austin



Basic Install

sudo apt install docker.io
sudo systemctl start docker
sudo systemctl enable docker
sudo apt install git -y
git clone https://github.com/docker/docker-bench-security.git
cd docker-bench-security/
sudo ./docker-bench-security.sh


Securing the Docker Daemon

sudo ./docker-bench-security.sh -c docker_daemon_configuration


sudo docker container run -it --name elizascontainer alpine sh


sudo docker container top elizascontainer -eo user,pid,comm


cd ../../../sudo nano /etc/docker/daemon.json

{
"userns-remap": "default"
}

sudo service docker restart


sudo ./docker-bench-security.sh -c docker_daemon_configuration



Free Resources for Docker Security


Eliza May Austin is the founder of LLHS (Ladies Of London Hacking Society), founder of TFTCyber (Tech For Troops Cyber), and BCS (British Computer Society) award winner  in 2016.


The article has been originally published at: https://medium.com/better-programming/how-to-quickly-run-a-basic-security-audit-against-docker-secure-the-docker-daemon-cdf1d8e4cd


July 3, 2019

Leave a Reply

avatar

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
Notify of

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013