CIS Docker 1.12.0 V1.0.0 L1.Linux Archives - Guides - Useful tips and tricks to secure your enterprise.

Audit Docker files and directories – /etc/docker/daemon.json

Details https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-system_auditing.html 2.https://docs.docker.com/engine/reference/commandline/daemon/#daemon-configuration-file Solution Add a rule for /etc/docker/daemon.json file.For example,Add the line as below in /etc/audit/audit.rules file–w /etc/docker/daemon.json -k...

Audit Docker files and directories – /usr/bin/docker-containerd

Details https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-system_auditing.html 2.https://github.com/docker/docker/pull/20662 3.https://containerd.tools/ Solution Add a rule for /usr/bin/docker-containerd file.For example,Add the line as below in /etc/audit/audit.rules file–w /usr/bin/docker-containerd...

Audit Docker files and directories – /usr/bin/docker-runc

Details https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-system_auditing.html 2.https://github.com/docker/docker/pull/20662 3.https://containerd.tools/ 4.https://github.com/opencontainers/runc Solution Add a rule for /usr/bin/docker-runc file.For example,Add the line as below in /etc/audit/audit.rules file–w...

CIS Docker 1.12.0 V1.0.0 L1.Linux

Audit docker daemon

Audit Docker files and directories – docker.service

Audit Docker files and directories – docker.socket

Audit Docker files and directories – /etc/default/docker

Audit Docker files and directories – /etc/docker

Audit Docker files and directories – /etc/docker/daemon.json

Audit Docker files and directories – /usr/bin/docker-containerd

Audit Docker files and directories – /usr/bin/docker-runc

Audit Docker files and directories – /var/lib/docker

Avoid container sprawl