{"id":35931,"date":"2019-11-05T17:44:43","date_gmt":"2019-11-05T21:44:43","guid":{"rendered":"http:\/\/www.andysowards.com\/blog\/?p=35931"},"modified":"2019-11-05T17:44:43","modified_gmt":"2019-11-05T21:44:43","slug":"understanding-docker-syslog-systems-container-security","status":"publish","type":"post","link":"https:\/\/www.andysowards.com\/blog\/2019\/understanding-docker-syslog-systems-container-security\/","title":{"rendered":"Understanding Docker Syslog Systems and Container Security"},"content":{"rendered":"

Businesses IT teams must set up multiple containers, and in doing so, they open themselves up to security risks. Whether you want to set up a WordPress container or a Docker syslog server<\/a>, you have to be careful when creating and deploying any type of event repository. While this is incredibly efficient, this world of never-ending data breaches demands that businesses keep an eye on security. There are a few things that you can do ensure your servers remain more secure.<\/p>\n

Pick Safe Third-Party Containers<\/h2>\n

Docker allows you to pull down multiple containers from different public repositories. Do you know who created the container? If not, do you really trust this third party? You may not be using a container that was created securely, which means that it could be susceptible to malware and other corrupt files.<\/p>\n

In this case, you should sign up for Docker Hub’s pain package. This is a service that ensures your repository has been scanned and does not have any corrupt or malicious files. For example, you may want to set up a WordPress container. To do this, you probably use a command sudo search for WordPress to find any irregular files or images on the server.<\/p>\n

Set Up Content Trust<\/h2>\n

\"docker-tip-53-difference-between-a-registry-repository-and-image\"<\/a>
\nDocker Tip #53: Difference between a Registry, Repository and Image<\/em><\/p>\n

If you do have a third-party image on your server that you’re not sure about, then as of the Docker 1.8 update, you can count on Content Trust. You can now verify authenticity<\/a>, publication date, and integrity of all the images that are also on the Docker Hub Registry. However, you have to enable this feature to check your images. Once you enable it, Docker won’t be able to pull down images that haven’t been signed and verified by the registry.<\/p>\n

You can enable this feature by inputting the following command:<\/p>\n