netscan icon indicating copy to clipboard operation
netscan copied to clipboard
verified publisher icon shellrow

Netscan inside Docker

Open albertjimenez opened this issue 1 year ago • 2 comments

Intro

Hi there, this is the only library that it worked for me to do a system that performs a host discovery scanner and I am in the process of Dockerizing it. I sorted out the permissions and the scan works, the only thing is that I found that none of the Docker options are working towards scanning the host system through Docker, I may be asking too much but could you let me know if you tried with the library works or how to make it work in Docker?

Recreation steps

  • create and run an example.rs with the host discovery for the default interface
  • build it on Docker
  • Run it on docker and expect the discovered hosts don't match the ones discovered outside of Docker

Notes

  • I develop on latest MacOS Intel but I tried recreating the steps on my raspberry pi so I discarded OS since there was a bug where the flag --network host was not working on MacOS

Link to my project

Network scanner

Thanks very much for this awesome project!

albertjimenez avatar Sep 13 '24 22:09 albertjimenez

First of all, thank you for your interest in my project, netscan! I’m glad to hear that it worked for your host discovery scanner system in your project.

Regarding your question, I haven’t tested netscan in a Docker environment yet. The environments I have tested so far are as follows:

  • Physical Host OS:
    • Linux (Kali, Ubuntu)
    • macOS (Intel, Apple Silicon)
    • Windows
  • Virtual Machines:
    • VMware running Linux (Kali, Ubuntu)

If you are attempting to scan from within Docker, please try the following settings:

  1. Granting Permissions To properly execute the scan, try adding the CAP_NET_RAW and CAP_NET_ADMIN capabilities to the container
  2. Check Network Interfaces Verify that the host's network interfaces are accessible from within the Docker container, and adjust the interface specification if necessary.
  3. Packet Capture If possible, try performing a packet capture to verify whether the send/receive are functioning correctly on the specified network interface.

Currently, I am busy with work and personal commitments, but I plan to continue maintaining netscan, including updating dependencies in the near future.

If you notice anything else or have suggestions, please feel free to let me know.

shellrow avatar Sep 14 '24 08:09 shellrow

Thanks very much for the quick reply, I will be investigating and doing some research, if you bare with me for a few weeks, I'd like to have this issue open so I can add my findings and potentially create a proper PR to update the README.md if I get to a successful path. Thanks a million for this!

albertjimenez avatar Sep 14 '24 12:09 albertjimenez