Skip to content

Using Dockerised OpenCanary

Jay edited this page Aug 22, 2023 · 4 revisions

Limitations

Currently dockerised OpenCanary does not support portscan. This is because portscan requires iptables.

Pre-requisites

  • Docker to be installed
  • Docker Compose to be installed
  • Clone the OpenCanary repo: git clone https://github.com/thinkst/opencanary

Using our Docker OpenCanary image

  1. Navigate into the cloned OpenCanary repo.
  2. Edit the data/.opencanary.conf file to enable, disable or customize the services that will run.
  3. Edit the ports section of the docker-compose.yml file to enable/disable the desired ports based on the services
  4. (Optional) If you planning on running Samba, you will need to allow the Docker OpenCanary process to read the "smb.auditfile" value (found in your opencanary.conf). You can do this by uncommenting the line in the volumes section in the docker-compose.yml. Keep in mind that is the default "smb.auditfile" value.
  5. Run Docker OpenCanary:
    docker compose up latest

Building and running your own Docker OpenCanary image (with docker compose)

  1. Navigate into the cloned OpenCanary repo.
  2. Build a Docker image
    • based on the most current code in the repository (recommended):
    docker compose build latest
    • based on what has been released in Pypi, run:
    docker compose build stable
  3. Edit the data/.opencanary.conf file to enable, disable or customize the services that will run.
  4. Edit the ports section of the docker-compose.yml file to enable/disable the desired ports based on the services
  5. (Optional) If you planning on running Samba, you will need to allow the Docker OpenCanary process to read the "smb.auditfile" value (found in your opencanary.conf). You can do this by uncommenting the line in the volumes section in the docker-compose.yml. Keep in mind that is the default "smb.auditfile" value.
  6. Run the newly created Docker image, run the following. Choose between stable or latest for the below command:
    docker compose up latest|stable

Building and running your own Docker OpenCanary image (with docker)

  1. Navigate into the cloned OpenCanary repo.
  2. Build a Docker image
    • based on the most current code in the repository (recommended):
    docker build -t opencanary -f Dockerfile.latest .
    • based on what has been released in Pypi, run:
    docker build -t opencanary -f Dockerfile.stable .
  3. Edit the data/.opencanary.conf file to enable, disable or customize the services that will run.
  4. Run the newly created Docker image, run the following. Keep in mind you will need to expose the ports that your Docker OpenCanary will expect traffic on. Below we are exposing ports 80 and 21.
    docker run --rm --detach -p 21:21 -p 80:80 -v "${PWD}/data/.opencanary.conf":"/root/.opencanary.conf" --name opencanary opencanary
  5. (Optional) If you planning on running Samba, you will need to allow the Docker OpenCanary process to read the "smb.auditfile" value (found in your opencanary.conf). You can do this by adding: -v /path/to/auditfile:/path/to/auditfile.

Miscellaneous Docker OpenCanary commands

  • View the logs using docker, run
    docker logs opencanary
  • View the logs using docker compose, run
    docker compose logs
  • Stop the container using docker, run
    docker stop opencanary
  • Stop the container using docker compose, run
    docker compose down