wernight / docker-dante

Dante SOCKS proxy server
Apache License 2.0
138 stars 65 forks

Code contains malware #1

Open duker33 opened 6 years ago

duker33 commented 6 years ago

Installed this one on two different servers. Used only by myself. In both cases the container made a DoS attack and spammed emails.

mifeil commented 6 years ago

Same for me; maybe it's because the container has no authorization even if you add a user according to the instructions.

wernight commented 6 years ago

Sounds worrisome. Could you provide steps to reproduce? I'm not intimate with Dante internals (and even not that much as a user of Dante). If you submit a PR fixing something I'd be glad to assist.

duker33 commented 6 years ago

@wernight, I'm not an old friend of Dante either. Sorry, I didn't catch the logs and already removed this code installation.

george-kirillov commented 6 years ago

I think that this is due to the configuration of Dante itself.

avxkim commented 6 years ago

Do you guys use authentication with it? Because SOCKS5 without auth is very dangerous.

mediclab commented 4 years ago

Same for me. DigitalOcean sent me an abuse mail from a 3rd-party company which was email-DoSed by my droplet. I think there is something strange in this image on Docker Hub.

eababurin commented 2 years ago

My hosting provider informed me that spam email is being sent from my host. Only this container was launched on the host. Don't use it.

wernight commented 2 years ago

Dante wrongly configured gives something like access to the LAN, and malicious users may send requests pretending to be coming from your machine.

I do agree that the container should be made safe by default if possible. I don't even recall where I got the default https://github.com/wernight/docker-dante/blob/master/sockd.conf, must have been from the default install. This is likely where the cause is, and even though it's meant to be customized, it's clearly unsafe by default based on these reports here.

I'm willing to accept a PR or delegate the project to another.

TheNicholasNick commented 2 years ago

there is no malware in this dockerfile...

starting a server on the public internet listening on the common socks proxy port of 1080 = host found and used by people looking for open socks proxies...

i.e. don't start publicly accessible socks proxies on default ports... this container is perfect for a docker-compose setup or wanting to have a socks proxy somewhere without the overhead of ssh and the whole ssh -D 0.0.0.0:1080 trick.

however it is a socks proxy that allows devices to connect to it and use it to access other hosts - proceed accordingly... aka "warning, boiled hot water is hot and may cause severe burns" sticker on kettle/hot water boiler
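
The question raised in this thread, whether the proxy actually enforces authentication, can be checked against your own deployment with the SOCKS5 method negotiation from RFC 1928. The following is an added example, not part of the thread or of the docker-dante project; the function names are assumptions and the loopback stub server is constructed so the check runs offline.

```python
import socket
import threading

NO_AUTH, NO_ACCEPTABLE = 0x00, 0xFF  # RFC 1928 method codes

def classify_reply(reply: bytes) -> str:
    """Interpret the 2-byte SOCKS5 method-selection reply (VER, METHOD)."""
    if len(reply) != 2 or reply[0] != 0x05:
        return "not-socks5"
    if reply[1] == NO_AUTH:
        return "open"            # anyone who can reach the port can relay traffic
    if reply[1] == NO_ACCEPTABLE:
        return "auth-required"   # server refused the unauthenticated method
    return "unexpected-method"   # server picked a method the client never offered

def check_proxy(host: str, port: int = 1080, timeout: float = 3.0) -> str:
    """Offer only 'no authentication' and report what the server selects."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(bytes([0x05, 0x01, NO_AUTH]))  # VER, NMETHODS, METHODS
        reply = b""
        while len(reply) < 2:                    # tolerate short reads
            chunk = s.recv(2 - len(reply))
            if not chunk:
                break
            reply += chunk
        return classify_reply(reply)

def stub_server(selected_method: int):
    """Constructed loopback stand-in for a proxy; returns (thread, port)."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))   # port 0: let the OS pick a free port
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        with conn, srv:
            conn.recv(3)                                  # client greeting
            conn.sendall(bytes([0x05, selected_method]))  # method selection
    t = threading.Thread(target=serve, daemon=True)
    t.start()
    return t, srv.getsockname()[1]

if __name__ == "__main__":
    for label, method in (("no auth", NO_AUTH), ("auth enforced", NO_ACCEPTABLE)):
        _, port = stub_server(method)
        print(label, "->", check_proxy("127.0.0.1", port))
```

A result of `open` from the address the container publishes means the proxy relays for any client that can reach that port, which matches the abuse reports above.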