docker-ce VS masscan

Yes, Kubernetes, in fact, relies on a number of other free and open source software packages. As a base, it relies on the Docker container runtime and the CoreOS Linux distribution, and it utilizes other open source projects for a number of its components, such as etcd for distributed key-value storage. The tool's core and control plane are both built in GO programming language, making it a completely Go-based application. Kubernetes itself is an open source project and has been used as a building block for other open source projects.

Container images become containers at runtime and in the case of Docker containers - images become containers when they run on Docker Engine.

So I'm surprisingly ignorant on this but I'm curious if the full docker command line tool for linux is free and open source. It seems like https://github.com/docker/docker-ce is free and open source, but it's unclear to me if the docker community edition has other components which are not free and open source since this repository is deprecated. If the base verion is free and open source, why don't open source projects just re-implement equivalents of all of the other tools docker is providing at cost, to create a full free and open source suite?

apt show docker.io Package: docker.io Version: 20.10.7-0ubuntu1~20.04.1 Built-Using: glibc (= 2.31-0ubuntu9), golang-1.13 (= 1.13.8-1ubuntu1) Priority: optional Section: universe/admin Origin: Ubuntu Maintainer: Ubuntu Developers [email protected] Original-Maintainer: Paul Tagliamonte [email protected] Bugs: https://bugs.launchpad.net/ubuntu/+filebug Installed-Size: 193 MB Depends: adduser, containerd (>= 1.2.6-0ubuntu1~), iptables, debconf (>= 0.5) | debconf-2.0, libc6 (>= 2.8), libdevmapper1.02.1 (>= 2:1.02.97), libsystemd0 (>= 209~) Recommends: ca-certificates, git, pigz, ubuntu-fan, xz-utils, apparmor Suggests: aufs-tools, btrfs-progs, cgroupfs-mount | cgroup-lite, debootstrap, docker-doc, rinse, zfs-fuse | zfsutils Breaks: docker (<< 1.5~) Replaces: docker (<< 1.5~) Homepage: https://www.docker.com/community-edition Download-Size: 36.9 MB APT-Sources: https://mirror.asergo.com/ubuntu focal-updates/universe amd64 Packages Description: Linux container runtime Docker complements kernel namespacing with a high-level API which operates at the process level. It runs unix processes with strong guarantees of isolation and repeatability across servers.

Well, Docker CE comes with a huge Disclaimer of Warranty (https://github.com/docker/docker-ce/blob/master/LICENSE). I don't think we can complain. "I should have tested it before deploying to production" it's the right thing to say.

Not sure what you mean by "Go++" that's not really a thing. Docker's engine and tooling is primarily written in Go. You can see a copy of an older version of docker easily at https://github.com/docker/docker-ce/tree/master/components/. A number of other devops tools are written in Go, as are a number of microservices out in the wild.

Can I get banned for mass scanning with https://github.com/robertdavidgraham/masscan or does it slow down any other vms from other persons?

Nope, this doesn't work any more. Shodan checks all ports (so any attackers using data from Shodan already know which ports you have open), and tools like masscan (https://github.com/robertdavidgraham/masscan) let you portscan the entire IPv4 address space in less than 10 minutes.

https://github.com/LogoiLab/mcsl https://github.com/robertdavidgraham/masscan

Changing the default port does nothing for security. It only prevents some basic brute force or default password scripts. Anyone is able to scan for it in no time anyway (https://github.com/robertdavidgraham/masscan).

But it should blow away the far-too-common belief that no-one's after you because you're not interesting enough. IPv4 is smaller than we think. It is not difficult to scan the entire ipv4 space in minutes. And every single one of those is going to knock your door on the way past.

I'm not sure about the article, but the blazingly-fast IP scanner sounds a lot like Masscan. It can scan the entire Internet in 5 minutes and has received a lot of press: https://github.com/robertdavidgraham/masscan . https://rushter.com/blog/how-masscan-works/ is one of many articles about it.

Here's an except from the masscan docs: