From: <gi1...@gm...> - 2019-10-30 16:00:23
Hi All,

Thanks for sshguard; I've been using it happily for some time now. I'm writing to report a security issue I noticed recently: in short, blocked attackers are still able to access docker containers.

Steps to reproduce:

1. Run any docker container with an exposed port. Personally I'm running https://hub.docker.com/r/jgiannuzzi/gitolite

       docker run -p 2022:22 jgiannuzzi/gitolite

2. Attack the host machine from some remote until it gets blocked.

       remote> repeat 10 ssh spam@host
       ...
       host> journalctl --unit=sshguard.service
       ...
       Oct 30 11:19:20 gi sshguard[962]: Blocking "HOSTIP/32" for 960 secs (4 attacks in 345 secs, after 4 abuses over 2721 secs.)

3. Check that the remote attacker is blocked as expected:

       remote> ping host
       (no response)
       remote> ssh host
       (no response)

4. The exposed ports from docker containers are still visible to attackers:

       remote> ssh -p 2022 git@host
       SUCCEEDED

Any container with an exposed port will do. Doesn't have to be the one I used above.

I used to use iptables back in the day, but looks like modern systems use nft. I checked out the rules added. Looks like the relevant parts (from nft list ruleset) are:

    table ip sshguard {
        set attackers {
            type ipv4_addr
            flags interval
            elements = { REMOTE_IP, ... }
        }

        chain blacklist {
            type filter hook input priority -10; policy accept;
            ip saddr @attackers drop
        }
    }
    table ip nat {
        chain PREROUTING {
            type nat hook prerouting priority -100; policy accept;
            fib daddr type local counter packets 64 bytes 4890 jump DOCKER
        }

        chain INPUT {
            type nat hook input priority 100; policy accept;
        }

        chain POSTROUTING {
            type nat hook postrouting priority 100; policy accept;
            oifname != "docker0" ip saddr 172.17.0.0/16 counter packets 0 bytes 0 masquerade
            meta l4proto tcp ip saddr 172.17.0.3 ip daddr 172.17.0.3 tcp dport 22 counter packets 0 bytes 0 masquerade
        }

        chain OUTPUT {
            type nat hook output priority -100; policy accept;
            ip daddr != 127.0.0.0/8 fib daddr type local counter packets 0 bytes 0 jump DOCKER
        }

        chain DOCKER {
            iifname "docker0" counter packets 0 bytes 0 return
            iifname != "docker0" meta l4proto tcp ip daddr HOST_IP tcp dport 2022 counter packets 0 bytes 0 dnat to 172.17.0.3:22
        }
    }

I replaced the IP addresses with HOST_IP / REMOTE_IP above.

I don't fully understand the sequence above. Perhaps because sshguard adds rules with priority -10 and docker with priority -100?

Regardless, the upshot is that docker containers are not protected at all by sshguard. Moreover, if your container runs a ssh service, you can't currently use sshguard on the host to test/block ssh attacks on the container. (This is what I was trying to setup when I found the above problem. My container passes logs to sshguard fine, and sshguard claims to have blocked the IP of the attacker. But it only blocks the attacker from accessing other ports on the host. The attacker still has full access to all container exposed ports, and so can continue with his ssh brute force attack.)

If you know how to fix this, or if I should report this somewhere else, please let me know.

GI

--
'Confidence' -- The feeling a person has before he fully understands the situation.
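The gap the report describes comes from which netfilter hook each chain sits on, not from the priority numbers. Docker's DNAT rule in the prerouting hook rewrites the destination to 172.17.0.3:22 before the routing decision, so the packet is routed out over docker0 and traverses the forward hook; a chain hooked on input, like sshguard's blacklist chain above, only sees traffic addressed to the host itself and never gets a chance to drop it. The ruleset below is an added example written for this thread, not sshguard's own ruleset: it reuses the table and set names visible in the report (table ip sshguard, set attackers, assumed to be kept populated by sshguard) and adds a second chain on the forward hook that consults the same set, so a blocked source also loses access to published container ports.

```nft
# Added example, not part of sshguard. Table and set names match the
# report above; sshguard is assumed to keep adding blocked addresses to
# the attackers set. Apply with: nft -f blacklist-forward.nft

table ip sshguard {
	# Same definition as in the report; declaring it again is harmless
	# if sshguard has already created it.
	set attackers {
		type ipv4_addr
		flags interval
	}

	# Existing behaviour: drops blocked sources for services running on
	# the host itself (packets delivered locally traverse the input hook).
	chain blacklist {
		type filter hook input priority -10; policy accept;
		ip saddr @attackers counter drop
	}

	# Added: DNAT'd traffic to a container is routed, not delivered
	# locally, so it traverses the forward hook instead. Consulting the
	# same set here closes the gap for published container ports. The
	# counter makes blocked retries visible in `nft list ruleset`.
	chain blacklist_forward {
		type filter hook forward priority -10; policy accept;
		ip saddr @attackers counter drop
	}
}
```

The same two additions can be made imperatively without a file: `nft add chain ip sshguard blacklist_forward '{ type filter hook forward priority -10; policy accept; }'` followed by `nft add rule ip sshguard blacklist_forward ip saddr @attackers counter drop`. Two things to check after applying it: repeat step 4 of the report from a blocked remote and confirm the `ssh -p 2022` connection now times out, and watch the counter on the new rule advance in `nft list chain ip sshguard blacklist_forward`. If sshguard recreates its table when it restarts, the extra chain disappears with it and has to be reapplied, so it belongs in whatever mechanism restores the host's firewall rules at boot and on sshguard restarts rather than being typed once by hand.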