To showcase some security vulnerabilities I have set up multiple Docker containers with vulnerable services. They are connected using a bridge network with no outside connection to avoid compromising the vulnerable containers.
I would like to showcase the security issues to 3-5 people, ideally by providing a VPN connection to each of them, which enables a tunnel into the private docker network.
My current workaround is placing a Debian container with an exposed SSH port into the private network to allow for exploitation via command line, however web exploits are a lot more interesting when one can actually visit the vulnerable websites. I am aware this can be achieved by installing a browser on the Debian containers and using X-forwarding, however the performance is less than optimal.
I am very grateful for any suggestions on how to expose the docker network with the vulnerable containers to an external host in a secure way. The ideal solution would also be scalable to provide an independent network to each of the participants
No comments:
Post a Comment