Security Researcher Detected: You might have ended up here because your site vulnerability scanner found something interesting. Hi! I'm a security engineer and I'm having a good time interacting with the people and bots that are interested in information security.
You will hopefully find this site is well-secured and I'm not interested in being hacked. I'm interested in learning about how people try to hack me, though.
What is this endpoint?
containers/json
Docker Engine API endpoint that lists running containers; its presence indicates an exposed Docker daemon over HTTP.
What an attacker could do
An exposed Docker API gives an attacker full control of the host - launching privileged containers, mounting the host filesystem, and escaping to root on the underlying machine.
How to defend it
Never expose the Docker daemon on a TCP port without mTLS; bind it to a local socket, require TLS client certificates, and firewall ports 2375/2376.
Connect with the Security Engineer
Learn More
Want to dive deeper into this topic? Check out the official documentation.
Read Official Documentation