5.29 Do not use Docker's default bridge docker0

Information

Do not use Docker's default bridge docker0. Use docker's user-defined networks for container networking.

Rationale:

Docker connects virtual interfaces created in the bridge mode to a common bridge called docker0. This default networking model is vulnerable to ARP spoofing and MAC flooding attacks since there is no filtering applied.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Follow Docker documentation and setup a user-defined network. Run all the containers in the defined network.

Impact:

You have to manage the user-defined networks.

Default Value:

By default, docker runs containers on its docker0 bridge.

See Also

https://workbench.cisecurity.org/files/1476

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b.

Plugin: Unix

Control ID: 3e5b05ce3e9616bd580b598b90478cd91c229f15181b5099f976dd06b3823efd