NMAP Docker Container

I often find myself needing to leverage the incredibly useful tool Nmap which is used for network/port scanning and so much more. Usually I will find a server that I can justify installing it on and just leave it there for when required or build and leave a virtual machine running Kali Linux. I figured it would perhaps be a better move to build a Docker container with Nmap that I could execute when the need arose in any environment which supports Docker style containerisation.

For those who are interested I shall provide the GitHub and DockerHub links for this work.

https://github.com/bytesizedalex/nmap

https://hub.docker.com/r/bytesizedalex/nmap/

What Container OS to use?

When creating my container I knew I wanted to keep it as small as possible – the Linux version that came to mind is called Alpine Linux which comes in at about 4MB, yes MEGABYTES. You can read more on their website https://alpinelinux.org/

DockerFile

Having decided on a version of Linux to act as my container it’s time to write the Dockerfile which is essentially my recipe – step by step instructions that Docker can use to build the container. Below we have the current version, I’ll break down what each line does so we know what is going on. I advise you reference the above GitHub/DockerHub links as I won’t update the section below on this blog every time I make a change.

FROM

First off we have the ‘FROM’ declaration which informs Docker I wish to use the Alpine Linux image, I also specifically state I want it to use the latest version of Alpine

MAINTAINER

This is pretty self-explanatory, a name and contact address for the person or organisation which maintains this container image

LABEL

Again this is a simple declaration which provides a name and some version information

RUN

Now we have something more interesting. This block of text is doing the hard work, well what little work there is. This line of code will be executed within the Alpine Linux container and will install Nmap then tidy up the package cache to make sure the image is as small as possible

ENTRYPOINT

When my container runs I want to ensure it is executing in the install Nmap software context

 

Using Nmap Docker Container

OK so we have a Dockerfile and all is good, how about we give it a shot? I’m assuming you have a system with Docker installed, I have an Ubuntu server I spun up to demo this process.

Right now I have no images in my local repository –

I’m going to tell Docker to look on DockerHub for a specific image (bytesizedalex/nmap) and then pull it down to my local repository.

Note as I did not specify a version it assumed the latest version, Docker then pulled down the two layers required and if we check our repository again we should see the image.

Now we can run the container and feed it the desired Nmap command to execute – I shall provide some examples below.

 

There is of course a lot more you can do with Nmap and many ways to handle containers, this post does not try to cover all that – it’s just to give you an idea of what can be done.

Leave a Reply