-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.yaml
More file actions
63 lines (60 loc) · 1.88 KB
/
docker-compose.yaml
File metadata and controls
63 lines (60 loc) · 1.88 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
services:
sensor:
image: ubuntu:24.04
container_name: sensor
privileged: true
cap_add:
- NET_ADMIN
networks:
net_attacker:
ipv4_address: 172.50.0.2
net_victim:
ipv4_address: 172.60.0.2
command: bash -c "\
apt update && apt install -y iproute2 iptables snort && \
mkdir -p /etc/snort/rules && \
echo 1 > /proc/sys/net/ipv4/ip_forward && \
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE && \
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT && \
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT && \
echo 'ipvar HOME_NET 172.50.0.0/16' >> /etc/snort/snort.conf && \
echo 'ipvar EXTERNAL_NET !172.50.0.0/16' >> /etc/snort/snort.conf && \
echo 'alert tcp 172.50.0.0/16 any -> !172.50.0.0/16 any (msg:\"SYN Scan detected\"; flags:S; sid:1000001; rev:1;)' > /etc/snort/rules/local.rules && \
echo 'include /etc/snort/rules/local.rules' >> /etc/snort/snort.conf && \
snort -c /etc/snort/snort.conf -A console -i eth0 -i eth1"
attacker:
image: ubuntu:24.04
container_name: attacker
cap_add:
- NET_ADMIN
networks:
net_attacker:
ipv4_address: 172.50.0.3
command: bash -c "\
apt update && apt install -y iproute2 nmap && \
ip route del default && ip route add default via 172.50.0.2 && \
while true; do \
echo 'Running SYN scan attack...' && \
nmap -sS 172.60.0.3 && \
sleep 10; \
done"
victim:
image: ubuntu:24.04
container_name: victim
cap_add:
- NET_ADMIN
networks:
net_victim:
ipv4_address: 172.60.0.3
command: bash -c "apt update && apt install -y iproute2 && sleep infinity"
networks:
net_attacker:
driver: bridge
ipam:
config:
- subnet: 172.50.0.0/16
net_victim:
driver: bridge
ipam:
config:
- subnet: 172.60.0.0/16