Breaking and Fixing your 'Docker'ized environments, presented at AppSecUSA 2016

by Manideep Konakandla

Summary: This presentation extracts a few points from the CIS Docker 1.12 benchmark, which was co-authored by me. Ref:
Abstract: The concept of containerization has been in Linux for ages in the form of jails, zones, LXC etc., but it is only in the last 2 years that it has gained tremendous recognition. The credit goes to "Docker", which made the concept of containerization very useful and handy by adding many benefits to existing container technologies. Tech giants like Red Hat, Google, IBM, VMware etc. are not only the biggest contributors to this most active open source project but also major users of it. Google alone spins up more than 2 billion containers per week, more than 3,300 containers per second. Inspired by Docker, Microsoft also started its container technology by extending its research project "Drawbridge". Containers have already impacted the virtual machine market, and this impact is going to increase significantly in the near future.
Security is always an important issue for any upcoming technology, and Docker is no exception. This presentation starts with a brief introduction to containers vs. virtualization technology and the Docker ecosystem, and then goes deep into "Docker Security". It touches each and every component listed below in the Docker container pipeline, details the ways in which they can be broken, and then gives the defensive measures to secure them.
Container Pipeline Components:
a) Images
b) Container Runtime
c) Host security
d) Daemon security
e) Communication security (daemon <=> client, daemon to registry etc.)
f) Registry security
Below is a brief overview of only the Images and Containers components.
1. Images
a. Image security analysis in which I have extracted more than 50 Docker Hub images (which also include official images) and found critical vulnerabilities like Heartbleed, Shellshock, CSRF, XSS etc. in them. The presentation also provides a comprehensive security analysis of Docker Hub images and how vulnerable they are, and gives details about alternative options available for getting secure images
b. Protecting images
- Efficient scanning: binary-level scanning, hash-based comparison instead of version string matching mechanisms
- Docker Content Trust: ensures authenticity, integrity and freshness guarantees (Is this really secure to use?)
- 20 golden rules to be followed for "writing Dockerfiles and maintaining images" securely
2. Containers
a. Detailed explanation of how container isolation can be torn apart
b. Docker claims that their containers are "Secure by Default", and a popular report on Linux containers released by NCC Group also states that "Docker has strong defaults". In this presentation, I will be proving that Docker defaults are vulnerable to DoS, side channel, remote exploitation etc. vulnerabilities. Besides, I will also be explaining a few other ways of exploiting Docker containers if the CIS Docker benchmark rules are not adhered to
c. 20 golden rules to be followed for ensuring secure container runtime
Apart from the topics mentioned above, this presentation also sheds light on the tools available in the market for securing the container ecosystem, along with the pros and cons of each tool: Twistlock, Aquasec, Nautilus etc.