5.29 Ensure Docker's default bridge docker0 is not used

Information

Do not use Docker's default bridge docker0. Use Docker's user-defined networks for container networking.
Rationale:
Docker connects virtual interfaces created in the bridge mode to a common bridge called docker0. This default networking model is vulnerable to ARP spoofing and MAC flooding attacks since there is no filtering applied.
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Follow the Docker documentation and set up a user-defined network. Run all the containers in the defined network.
Impact:
You have to manage the user-defined networks.
Default Value:
By default, Docker runs containers on its docker0 bridge.
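
One way to check a host against this item and remediate it, as an added example that is not part of the benchmark or of the Nessus plugin: the function below reads the output of `docker ps --format '{{.Names}}\t{{.Networks}}'` and reports containers attached to the default network, which Docker lists as `bridge`. The network name `app_net`, the image placeholder and the sample container names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: find containers attached to Docker's default bridge network.
# Input format (one line per container): name<TAB>net1,net2,...
# The default network backed by docker0 is listed under the name "bridge".

on_default_bridge() {
    awk -F '\t' '
        {
            n = split($2, nets, ",")
            for (i = 1; i <= n; i++)
                # Exact match only, so names like "bridge_like" are not flagged.
                if (nets[i] == "bridge") { print $1; break }
        }'
}

# Constructed sample input, standing in for real `docker ps` output.
sample_ps_output() {
    printf 'web\tbridge\n'
    printf 'db\tapp_net\n'
    printf 'cache\tapp_net,bridge\n'
    printf 'proxy\tbridge_like\n'
}

# Live audit against the local daemon: returns 0 when no running
# container is attached to the default bridge, 1 otherwise.
audit_default_bridge() {
    offenders=$(docker ps --format '{{.Names}}\t{{.Networks}}' | on_default_bridge)
    if [ -n "$offenders" ]; then
        echo "Containers on the default bridge:" >&2
        echo "$offenders" >&2
        return 1
    fi
    return 0
}

# Remediation (app_net is a hypothetical network name):
#   docker network create --driver bridge app_net
#   docker run --network app_net <image>
# For a container that is already running:
#   docker network connect app_net web
#   docker network disconnect bridge web

if [ "${1:-}" = "--live" ]; then
    audit_default_bridge
fi
```

Run the script with `--live` on the Docker host to audit running containers; without arguments it only defines the functions.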

See Also

https://workbench.cisecurity.org/files/1726

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b., CSCv6|9

Plugin: Unix

Control ID: b9313c44d3258f1e1b45a6662fac83513d5ede8516341d8606d5219d1e6c17a1