-
To update all repos
sudo apt update -
To install prerequisites
sudo apt install \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
software-properties-common \ -
Adding docker's official GPG key:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - -
Setup docker's repo
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) \
stable" -
Install docker
sudo apt install docker-ce docker-ce-cli containerd.io -
Test docker
sudo docker run hello-world
sudo docker run -it aman/ccs /bin/bash
-itis used to make the container run in interactive modeaman/ccsis the image name for easier access.
sudo docker build .
- To create image usind Dockerfile
To get the IP address of the docker
sudo docker inspect container_id(fba765bc9744) | grep IPAddress | cut -d '"' -f 4 | head -n 2 | tail -n 1
- Built a Ubuntu container which even after installing old openssl is still secure.
Date: Nov 2-9, 2020
- Built a debian container with old openssl and libssl but cannot build
debian:wheezyso the oldest one I can do is stretch without updates breaking.- Ability to run
apt update - Using OpenSSL-1.0.1e-2
- Using LibSSL-1.0.0.1.0.1e-2
- Closed off port 80, and exposed port 443
- Ability to run
- The
vulnerabilitycontainer is vulnerable. Tested using a Python script- heartbleed-masstest [ISSUE: runs only oon python2 :( ]
- Reverse proxy works
- Reverse proxy even routes to my laptop easily so I can load this whole network up on a VM in the cloud and access it using the public IP
- Working on detection of malicious requests. Going through the same python file which I used to check for vulnerability.
