Version: 1.0
HowlsMovingDocker is a moving target defense Docker orchestration platform that creates a dynamic environment for your main application and dummy services. It continuously changes the network topology to enhance security and resilience against potential attacks.
- Deploys main application services with dynamically changing ports
- Creates multiple dummy instances with weak credentials
- Periodically recycles dummy instances, changing their ports and credentials
- Monitors authentication logs in dummy containers to detect successful login attempts
- Highly configurable through YAML files
- Uses volume mapping for data persistence
- Python 3.7+
- Docker
-
Clone this repository:
git clone https://github.com/referefref/howls-moving-docker.git cd howls-moving-docker
-
Install the required Python packages:
pip install -r requirements.txt
-
Ensure Docker is installed and running on your system.
Run the main script with your chosen configuration file:
python hmd.py config_wordpress.yaml
For help and to see all available options:
python hmd.py --help
To check the version:
python hmd.py --version
Edit the YAML configuration file to customize the behavior of HowlsMovingDocker. Key configuration options include:
password_list_url
: URL to download the password list for dummy servicesnetwork_name
: Name of the Docker network to createproduction_port_range
: Range of ports for main servicesproduction_update_interval
: Interval (in minutes) to update main service portsdummy_recycle_interval
: Interval (in minutes) to recycle dummy containersmain_services
: List of main services to deploydummy_services
: List of dummy services to deploy, including log monitoring settingsvolumes
: Volume mappings for all services
See the example configuration files in the config_examples
directory for more details.
HMD can monitor logs of dummy services for successful login attempts. Configure the log_monitoring
section for each dummy service in the configuration file:
log_monitoring:
log_file: /path/to/log/file
success_pattern: "regex pattern to match successful logins"
check_interval: 30 # seconds
If log monitoring is not applicable for a service, set these fields to null
.
While this project implements moving target defense strategies, it is primarily for educational and development purposes. Ensure proper security measures are in place before considering any production use.
Contributions are welcome! Please feel free to submit a Pull Request.
This project is licensed under the MIT License - see the LICENSE file for details.