ufw-docker-automated
lynis
ufw-docker-automated | lynis | |
---|---|---|
6 | 72 | |
193 | 12,533 | |
- | 1.2% | |
1.8 | 7.8 | |
6 months ago | 8 days ago | |
Go | Shell | |
Apache License 2.0 | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ufw-docker-automated
-
Docker developers discuss changes in how ports are to be forwarded into containers
I know it looks daunting, but it's just putting ufw-style rules into your docker-compose files. There are other solutions like ufw docker automated , but they seem even more annoying to setup.
-
Securing a VPS running docker
Or this for a more automated one: https://github.com/shinebayar-g/ufw-docker-automated
-
Stay safe with Docker and firewall
This is nothing new and a known issue for a very long time with docker and ufw and easily sorted by using this workaround.
-
Docker overrides UFW rules
Known issue for years but this and this helps.
-
A Docker footgun led to a vandal deleting NewsBlur's MongoDB database
Luckily it was about as hardened as regular ftp can be, but I noticed the problem when my service wasn't able to log in as the (very low) connection limit was filled by someone attempting passwords.
I've been using https://github.com/shinebayar-g/ufw-docker-automated to make docker compliant with UFW, and defining firewall rules as labels for the containers.
-
Checklist for hardening a linux VPS?
I found this script, but haven't had the time to try it.
lynis
-
Who does check linux distros of malware - open source
Linux has (free) tools to improve security and detect/remove malware: Lynis,Chkrootkit,Rkhunter,ClamAV,Vuls,LMD,radare2,Yara,ntopng,maltrail,Snort,Suricata...
- Learn security best practices
- How do i find and remove the compilers installed in fedora?
-
Fight against scans, bots and script-kiddies
What I would do in your place is run this https://github.com/CISOfy/lynis and follow some of the instructions.
-
What are your favorite sites that are privacy related that you bookmarked?
https://github.com/CISOfy/Lynis (Linux hardening)
- Server security/hardening baselines for Linux Template
- Ultimate privacy when setting up Fedora?
- Linux security tests?
- Vulnerability scanning tools for homelab?
-
Cyber Security for developers: what and where to learn?
Linux security audit scanner
What are some alternatives?
ufw-docker - To fix the Docker and UFW security flaw without disabling iptables
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
opensnitch - OpenSnitch is a GNU/Linux application firewall
OSSEC - OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
JShielder - Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark
PEASS-ng - PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
How-To-Secure-A-Linux-Server - An evolving how-to guide for securing a Linux server.
cve-check-tool - Original Automated CVE Checking Tool
iptables-docker - A bash solution for docker and iptables conflict
OSQuery - SQL powered operating system instrumentation, monitoring, and analytics.
whalewall - Automate management of firewall rules for Docker containers
debian-cis - PCI-DSS compliant Debian 10/11/12 hardening