Bind swarm services to a specific host interface

Details

https://docs.docker.com/engine/reference/commandline/swarm_init/#/listen-

addr-value

2.https://docs.docker.com/engine/swarm/admin_guide/#/recover-from-disaster

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Remediation of this requires re-initialization of the swarm specifying a specific interface
for the –listen-addr parameter.Impact-NoneDefault Value-By default, docker swarm services listen on all available host interfaces.

Supportive Information

The following resource is also helpful.

https://workbench.cisecurity.org/files/517

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Unix.

References

800-53|SC-7(13)

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles