[return to "I got hacked: My Hetzner server started mining Monero"]
1. except+Jp 2025-12-17 23:43:39
>>jakels+(OP)
The first step I would take is running podman instead of Docker to prevent container escapes. Podman can be run truly rootless and doesn't mess with your firewall. Next I would drop all caps if possible.
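
A check for the two hardening steps suggested in the comment above, added here as an example and not part of the original thread: it reads Docker-style `inspect` JSON and the daemon's `SecurityOptions` list and reports containers that keep their default capabilities. The sample data is constructed and the function names are illustrative.

```python
import json

# Constructed sample: trimmed `docker inspect <container>...` output.
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/web",
   "HostConfig": {"Privileged": false, "CapDrop": null, "CapAdd": null}},
  {"Name": "/worker",
   "HostConfig": {"Privileged": false, "CapDrop": ["ALL"],
                  "CapAdd": ["CAP_NET_BIND_SERVICE"]}}
]
""")

# Constructed sample: `docker info --format '{{json .SecurityOptions}}'`.
SAMPLE_SECURITY_OPTIONS = ["name=seccomp,profile=builtin", "name=rootless"]


def _norm(cap):
    """Normalise 'cap_net_admin' / 'NET_ADMIN' to 'NET_ADMIN'."""
    cap = cap.upper()
    return cap[4:] if cap.startswith("CAP_") else cap


def audit_container(container):
    """Return a list of findings for one inspect record."""
    host = container.get("HostConfig") or {}
    dropped = {_norm(c) for c in (host.get("CapDrop") or [])}
    added = sorted(_norm(c) for c in (host.get("CapAdd") or []))
    findings = []
    if host.get("Privileged"):
        # --privileged grants every capability regardless of CapDrop.
        findings.append("privileged")
    if "ALL" not in dropped:
        findings.append("caps-not-dropped")
    if added:
        # Not necessarily wrong, but each added capability should be justified.
        findings.append("caps-added:" + ",".join(added))
    return findings


def audit(containers):
    """Map container name -> findings for a whole inspect array."""
    return {c["Name"].lstrip("/"): audit_container(c) for c in containers}


def daemon_is_rootless(security_options):
    """True if the daemon reports the 'rootless' security option."""
    return any(o.split(",")[0] == "name=rootless" for o in security_options)
```
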
2. doodle+7q 2025-12-17 23:46:09
>>except+Jp
What's the difference between running Podman and running Docker in rootless mode? (Other than Docker messing with the firewall, which apparently OP doesn't know about… yet). I understand Podman doesn't require a daemon, but is that all there is to it, or is there something I'm missing?
3. crimso+NJ 2025-12-18 02:50:58
>>doodle+7q
Rootless docker is more compatible than podman, I found. I experienced crash dumps in, say, mssql with podman, but not with rootless docker.

Also, rootless docker does not bypass ufw like rootful docker does.