[tkinom]

Love to see a container environment that can monitor Monitor and log all outgoing network connection requests.... Monitor and log all critical file/directory access such as /etc/*

With such container, we can catch the compromised supply-chain attach easily, right?

Does anyone know such container exist?

[munchbunny]

Only using privileged containers, or else you don’t have visibility into signal from other containers.

But, say you had such a container, there’s an important distinction between “you captured a log showing the smoking gun evidence of the supply chain attack”, and “you successfully picked that log out of all of the log data you generated and classified it with high confidence as an attack”.

Speaking from experience, the second problem is the hard problem for a multitude of reasons. So while you would have the data, you’d probably have trouble getting good precision/recall on when to actually sound the alarms vs. when it’s some SRE who needed to troubleshoot some network connectivity issues.

[yjftsjthsd-h]

> Only using privileged containers, or else you don’t have visibility into signal from other containers.

The suspect application doesn't need the privileges, so I'm not sure how much of a problem that is?

> there’s an important distinction between “you captured a log showing the smoking gun evidence of the supply chain attack”, and “you successfully picked that log out of all of the log data you generated and classified it with high confidence as an attack”.

Assuming that you're talking about the signal:noise problem, that's hard in the general case but I feel like you could easily pick off really obvious cases like trying to access private SSH/GPG keys and still get a lot of value.

[munchbunny]

> Assuming that you're talking about the signal:noise problem, that's hard in the general case but I feel like you could easily pick off really obvious cases like trying to access private SSH/GPG keys and still get a lot of value.

Probably. I’d agree that it’s worth trying at the very least. I’ve run into enough “should be easy” cases that turn out to be not that easy that my default is to get the data and see if the hypothesis really pans out.

[ashishbijlani]

I’ve created Packj sandbox [1] for “safe installation” of PyPI/NPM/Rubygems packages

1. https://github.com/ossillate-inc/packj

It DOES NOT require a VM/Container; uses strace. It shows you a preview of file system changes that installation will make and can also block arbitrary network communication during installation (uses an allow-list).

[remram]

strace uses ptrace, which is not safe for security use because of race conditions. Linux Security Modules should be used.

https://stackoverflow.com/a/4421762/711380

[ashishbijlani]

Thanks for highlighting this! While PTRACE introduces TOCTTOU vulnerabilities, Packj sandboxes fixes that by using read-only args for ptrace. You can find my PhD work [1] on this relevant.

1. https://lwn.net/Articles/803890/

[varunsharma07]

If CI/ CD pipeline uses GitHub Actions, you can monitor and even block outbound network calls at the DNS and network level using Harden Runner (https://github.com/step-security/harden-runner). It can also detect overwrite of files in the working directory. Harden Runner would have caught this dependency confusion and similar attacks due to a call to the attacker endpoint.