docker
security

Let's learn how to attack and secure Docker containers from this wonderful post on Medium by Mattia Zignale https://infosecwriteups

intermediate
1.
Write the command to run an nginx container using the following instructions: 1. Run in detached mode 2. Bind container port 80 with host port 80 3. Use the nginx image 4. Make sure all the flags are used at the beginning and are in ascending order
intermediate
2.
Docker daemon is responsible for which of the following tasks?
beginner
3.
Is docker client the only way to use docker daemon?
beginner
4.
Where are the Docker images stored?
beginner
5.
What is the default docker registry?
intermediate
6.
Write the full path to the docker UNIX socket
expert
7.
Docker ___ is the ___ to the docker ___ and it helps to manage container, images and registries
beginner
8.
Docker socket is owned by which linux user?
intermediate
9.
Write the command to expose docker socket running in port 3000 to the internet
beginner
10.
By default, Docker containers are "privileged"
intermediate
11.
Which flag gives all capabilities to the container?
intermediate
12.
Write the command to check the current container capabilities
beginner
13.
Can the attacker instantiate privileged containers by getting access to management containers like Portainer?
expert
14.
The ___ machine mostly creates an ___ which acts as a ___ for Docker ___
beginner
15.
By default the ip range for docker network is within?
beginner
16.
host machine will have the IP address in the range
beginner
17.
If the IP address of the container is 172.17.0.1, then it can be concluded that the container shares the host network namespace
intermediate
18.
Write the command to check if the current user can run Docker operations
expert
19.
If the ___ daemon is running on the ___ machine and the ___ utility is installed, then it can be abused to attack the host and obtain ___ privileges
intermediate
20.
Attackers can make requests to which daemons to create a container, mounting a host file system and using chroot to get root access?
expert
21.
The attacker can make requests to ___ daemon that is running with ___ privileges, run a ___ and mount ___ file system to it, then use ___ to get root access from inside the ___
intermediate
22.
When can an attacker potentially interact with a private Docker registry?
expert
23.
How can an attacker use fake images?
beginner
24.
Should non-root users have any access to UNIX socket?
beginner
25.
Is the default docker TCP socket protected?
intermediate
26.
What is the default docker tcp socket url with host_ip 127.0.0.1?
intermediate
27.
What are the security measures we can implement to protect default docker TCP socket?
beginner
28.
Should non-members be able to access Docker?
intermediate
29.
Which of the following steps should be taken in order to audit and secure docker environment?
beginner
30.
What is the full form of Seccomp?
beginner
31.
Why is seccomp used?
beginner
32.
Is seccomp a sandbox?
beginner
33.
Which seccomp is supported by docker?
beginner
34.
Can a Seccomp profile be defined in the form of a JSON file?
beginner
35.
Docker doesn't have a default seccomp profile
intermediate
36.
Docker's default Seccomp profile blocks how many syscalls?
expert
37.
___ is a ___ enhancement to confine programs to a limited set of ___
intermediate
38.
What is the user id of root?
beginner
39.
Does a non-existent user have any privileges?
beginner
40.
Is it possible to run docker daemon in root-less mode?