...

  • The container must be able to resolve the hostnames of, and connect to, the APIs that will be scanned. For simple deployments, if the host system for a container can resolve hostnames in the private network, so can the container.

  • The container must be able to resolve and connect to private-network-proxy1.securetheorem.com on port 20422 to set up the tunnel/port forwarding.

  • The container must be configured with an SSH private key and a port assigned to the appliance by Data Theorem. The sections below discuss coordinating this configuration with Data Theorem.

  • A particular appliance’s container should only exist once – it should not be scaled or replicated across a cluster (e.g., Docker Swarm or Kubernetes). The container is an appliance, and that instance represents where network traffic from Data Theorem will originate within the private network.

  • If you have multiple isolated private networks where you have APIs to scan, then each network will need its own appliance/container configured with Data Theorem.

  • The container currently logs all output to STDOUT and STDERR.

...

  • RETRY_AFTER_DISCONNECT – Whether the appliance should automatically reconnect if something happens to the connection to the server. Defaults to yes. If it is set to no, the container will exit if SSH ever disconnects.

  • VERBOSITY – How verbose the container’s output is. Defaults to 1. Set this to 0 for almost no output, or 1, 2, or 3 for increasingly verbose levels of output. Only set it to a higher level if you need to do low-level debugging of the SSH connection.

  • SERVER_HOST – Override the host that the container tries to connect to. By default, the appliance connects to private-network-proxy1.securetheorem.com.

  • SERVER_PORT – Override the server port that the container tries to connect to. By default, the appliance initiates an SSH connection to port 20422 on the remote server.

  • SERVER_PUBKEY – Override the public key of the remote server. The image already contains the remote server’s key and will refuse to connect to a server presenting any other key. Setting this variable replaces the server key that the appliance trusts.
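
A pre-start lint for the variables listed above, as an added example that is not Data Theorem's code: it applies the documented defaults and flags overrides of the tunnel endpoint or the pinned server key. It assumes RETRY_AFTER_DISCONNECT accepts only the literal values yes and no; the function name check_appliance_env is hypothetical.

```shell
#!/bin/sh
# Added example (not Data Theorem's code): lint the appliance's environment
# settings before starting the container. Defaults are the documented ones.
DEFAULT_HOST="private-network-proxy1.securetheorem.com"
DEFAULT_PORT="20422"

# Prints one finding per line; exit status is 1 if any ERROR was found.
# The body runs in a subshell ( ... ) so its variables stay local.
check_appliance_env() (
  rc=0
  retry="${RETRY_AFTER_DISCONNECT:-yes}"
  verbosity="${VERBOSITY:-1}"
  host="${SERVER_HOST:-$DEFAULT_HOST}"
  port="${SERVER_PORT:-$DEFAULT_PORT}"

  # Assumption: only the literal values "yes" and "no" are accepted.
  case "$retry" in
    yes) ;;
    no)  echo "WARN: RETRY_AFTER_DISCONNECT=no, container exits if SSH disconnects" ;;
    *)   echo "ERROR: RETRY_AFTER_DISCONNECT must be yes or no, got '$retry'"; rc=1 ;;
  esac

  case "$verbosity" in
    0|1) ;;
    2|3) echo "WARN: VERBOSITY=$verbosity is for low-level SSH debugging only" ;;
    *)   echo "ERROR: VERBOSITY must be 0, 1, 2 or 3, got '$verbosity'"; rc=1 ;;
  esac

  case "$port" in
    ''|*[!0-9]*) echo "ERROR: SERVER_PORT must be numeric, got '$port'"; rc=1 ;;
    *) if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
         echo "ERROR: SERVER_PORT out of range: $port"; rc=1
       fi ;;
  esac

  if [ "$host" != "$DEFAULT_HOST" ] || [ "$port" != "$DEFAULT_PORT" ]; then
    echo "WARN: tunnel endpoint overridden to $host:$port"
  fi
  # Overriding the pinned key changes which server the appliance will trust.
  if [ -n "${SERVER_PUBKEY:-}" ]; then
    echo "WARN: SERVER_PUBKEY replaces the server key built into the image"
  fi
  [ "$rc" -eq 0 ]
)

check_appliance_env || echo "Fix the ERROR lines before starting the container."
```

Run it in the same shell or CI step that exports the variables for the container, so it sees the values the appliance will receive.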

Examples

Run the appliance directly with Docker using SSH_PRIVATE_KEY_DATA

...