| ##TCP FLAGS## | |
| Unskilled Attackers Pester Real Security Folks | |
| ============================================== | |
| TCPDUMP FLAGS | |
| Unskilled = URG = (Not Displayed in Flag Field, Displayed elsewhere) | |
| Attackers = ACK = (Not Displayed in Flag Field, Displayed elsewhere) | |
| Pester = PSH = [P] (Push Data) | |
| Real = RST = [R] (Reset Connection) | |
| Security = SYN = [S] (Start Connection) |
Just plug in your own values for registry and repo/image name.
registry='localhost:5000'
name='my-image'
curl -v -sSL -X DELETE "http://${registry}/v2/${name}/manifests/$(
curl -sSL -I \
-H "Accept: application/vnd.docker.distribution.manifest.v2+json" \This is an investigation into our susceptibility to Slow HTTP Attacks. These attacks take advantage of how typical web servers process requests and employ several strategies to achieve the same result. By keeping connections open longer than normal, they thereby prevent new connections from being opened and the server will either hang or return 503.
The question is less about whether we are vulnerable, but rather to what extent. Any server can be DoS’d, it’s just a matter of how easy it is to execute.
Lately I have found myself working a lot with containers with bind mounts and found no elegant way to display all of them in one go.
The command below gives you a nice overview as a json array. You need to have jq installed.
docker inspect $(docker ps -a -q) | jq '[.[] | {Id: .Id[0:12], Name: .Config.Hostname, Image: .Config.Image, Binds: .HostConfig.Binds}]'
