-
Notifications
You must be signed in to change notification settings - Fork 365
Using Dockerised OpenCanary
Jay edited this page Aug 22, 2023
·
4 revisions
Currently dockerised OpenCanary does not support portscan
. This is because portscan
requires iptables
.
- Docker to be installed
- Docker Compose to be installed
- Clone the OpenCanary repo:
git clone https://github.com/thinkst/opencanary
- Navigate into the cloned OpenCanary repo.
- Edit the
data/.opencanary.conf
file to enable, disable or customize the services that will run. - Edit the
ports
section of thedocker-compose.yml
file to enable/disable the desired ports based on the services - (Optional) If you planning on running Samba, you will need to allow the Docker OpenCanary process to read the
"smb.auditfile"
value (found in youropencanary.conf
). You can do this by uncommenting the line in thevolumes
section in thedocker-compose.yml
. Keep in mind that is the default"smb.auditfile"
value. - Run Docker OpenCanary:
docker compose up latest
- Navigate into the cloned OpenCanary repo.
- Build a Docker image
- based on the most current code in the repository (recommended):
docker compose build latest
- based on what has been released in Pypi, run:
docker compose build stable
- Edit the
data/.opencanary.conf
file to enable, disable or customize the services that will run. - Edit the
ports
section of thedocker-compose.yml
file to enable/disable the desired ports based on the services - (Optional) If you planning on running Samba, you will need to allow the Docker OpenCanary process to read the
"smb.auditfile"
value (found in youropencanary.conf
). You can do this by uncommenting the line in thevolumes
section in thedocker-compose.yml
. Keep in mind that is the default"smb.auditfile"
value. - Run the newly created Docker image, run the following. Choose between
stable
orlatest
for the below command:docker compose up latest|stable
- Navigate into the cloned OpenCanary repo.
- Build a Docker image
- based on the most current code in the repository (recommended):
docker build -t opencanary -f Dockerfile.latest .
- based on what has been released in Pypi, run:
docker build -t opencanary -f Dockerfile.stable .
- Edit the
data/.opencanary.conf
file to enable, disable or customize the services that will run. - Run the newly created Docker image, run the following. Keep in mind you will need to expose the ports that your Docker OpenCanary will expect traffic on. Below we are exposing ports 80 and 21.
docker run --rm --detach -p 21:21 -p 80:80 -v "${PWD}/data/.opencanary.conf":"/root/.opencanary.conf" --name opencanary opencanary
- (Optional) If you planning on running Samba, you will need to allow the Docker OpenCanary process to read the
"smb.auditfile"
value (found in youropencanary.conf
). You can do this by adding:-v /path/to/auditfile:/path/to/auditfile
.
- View the logs using
docker
, rundocker logs opencanary
- View the logs using
docker compose
, rundocker compose logs
- Stop the container using
docker
, rundocker stop opencanary
- Stop the container using
docker compose
, rundocker compose down