Research-containers: Difference between revisions

From Irregularpedia
Jump to navigation Jump to search
VisualWikitext
Initial
 
fix formatting
Tag: wikieditor
 
Line 2: Line 2:
= Containers for Digital Force Protection and Collaborative Research =
= Containers for Digital Force Protection and Collaborative Research =


Return to [[dfp-guide|DFP Guides]] Return to [[research|Research]] ## Overview
Return to [[dfp-guide|DFP Guides]] Return to [[research|Research]]
 
== Overview ==


This guide provides a step-by-step approach to using Docker containers for achieving digital force protection, maintaining elevated privacy, and ensuring continuity of system/behavior fingerprinting while conducting research. The instructions range from setting up simple, single-instance browser containers to more complex configurations involving multiple instances, using Kasm Workspaces images. The focus is on how containers can be used to protect against digital threats and manage attribution in a collaborative research environment.
This guide provides a step-by-step approach to using Docker containers for achieving digital force protection, maintaining elevated privacy, and ensuring continuity of system/behavior fingerprinting while conducting research. The instructions range from setting up simple, single-instance browser containers to more complex configurations involving multiple instances, using Kasm Workspaces images. The focus is on how containers can be used to protect against digital threats and manage attribution in a collaborative research environment.
Line 9: Line 11:
== 1. What Are Containers and How Do They Compare to VMs? ==
== 1. What Are Containers and How Do They Compare to VMs? ==


Containers are lightweight, standalone, and executable software packages that include everything needed to run a piece of software, including the code, runtime, libraries, and dependencies. Unlike [[virtual-environment|virtual machines (VMs)]] , containers share the host system’s kernel and resources, making them much more efficient in terms of performance and resource usage.
Containers are lightweight, standalone, and executable software packages that include everything needed to run a piece of software, including the code, runtime, libraries, and dependencies. Unlike [[virtual-environment|virtual machines (VMs)]], containers share the host system’s kernel and resources, making them much more efficient in terms of performance and resource usage.


<span id="benefits-of-containers"></span>
<span id="benefits-of-containers"></span>
=== Benefits of Containers ===
=== Benefits of Containers ===


'' '''Isolation:''' Containers provide process and network isolation, ensuring that software runs in a secure, isolated environment.
'''''Isolation:''' Containers provide process and network isolation, ensuring that software runs in a secure, isolated environment.
'''' '''Real-World Example:''' A research team uses containers to run multiple instances of a browser for OSINT operations, ensuring that each instance is isolated and cannot interfere with or affect others, which would be a risk if all instances were running on a shared VM.
#'''''Real-World Example:''' A research team uses containers to run multiple instances of a browser for OSINT operations, ensuring that each instance is isolated and cannot interfere with or affect others, which would be a risk if all instances were running on a shared VM.
'' '''Efficiency:''' Containers are lightweight compared to VMs, allowing for faster startup times and reduced resource consumption.
'''''Efficiency:''' Containers are lightweight compared to VMs, allowing for faster startup times and reduced resource consumption.
*'' '''Real-World Example:''' A development team uses containers to deploy services in production. Since containers are lightweight, they can quickly scale up or down depending on the load, reducing costs and improving performance.
#'''''Real-World Example:''' A development team uses containers to deploy services in production. Since containers are lightweight, they can quickly scale up or down depending on the load, reducing costs and improving performance.


<span id="shortcomings-compared-to-vms"></span>
<span id="shortcomings-compared-to-vms"></span>
=== Shortcomings Compared to VMs ===
=== Shortcomings Compared to VMs ===


'' '''Shared Kernel:''' Containers share the host system’s kernel, which might pose a security risk if the kernel is compromised.
'''''Shared Kernel:''' Containers share the host system’s kernel, which might pose a security risk if the kernel is compromised.
*'' '''Real-World Example:''' If a vulnerability exists in the host kernel, it could potentially be exploited to escape a container and affect other containers or the host system, which is less likely with a fully isolated VM.
#'''''Real-World Example:''' If a vulnerability exists in the host kernel, it could potentially be exploited to escape a container and affect other containers or the host system, which is less likely with a fully isolated VM.
'' '''Limited Hardware Emulation:''' Unlike VMs, containers cannot emulate hardware, which might be necessary for some applications.
'''''Limited Hardware Emulation:''' Unlike VMs, containers cannot emulate hardware, which might be necessary for some applications.
*'' '''Real-World Example:''' A company needing to test software on different hardware architectures (e.g., ARM vs. x86) would need to use VMs or physical hardware, as containers cannot emulate different hardware architectures.
#'''''Real-World Example:''' A company needing to test software on different hardware architectures (e.g., ARM vs. x86) would need to use VMs or physical hardware, as containers cannot emulate different hardware architectures.


<span id="installing-docker"></span>
<span id="installing-docker"></span>
=== Installing Docker ===
=== Installing Docker ===


To begin using Docker, you need to install it on your system. Follow the official Docker installation guide based on your operating system: - [https://docs.docker.com/get-docker/ Install Docker]
To begin using Docker, you need to install it on your system. Follow the official Docker installation guide based on your operating system:  
# [https://docs.docker.com/get-docker/ Install Docker]


<span id="installing-kasm-workspaces"></span>
<span id="installing-kasm-workspaces"></span>
Line 40: Line 43:
=== Finding Containers ===
=== Finding Containers ===


Find Open Source Containers: https://hub.docker.com/ List of Kasm ready containers: https://hub.docker.com/u/kasmweb/
Find Open Source Containers: [https://hub.docker.com/ Docker Hub] 
List of Kasm-ready containers: [https://hub.docker.com/u/kasmweb/ Kasmweb Docker Hub]
 
=== '''<code>kasmweb/firefox</code>''' ===
#'''''Purpose:''' This is a pre-configured Firefox browser container designed for privacy and security.
#'''''Use Case:''' Perfect for researchers who need a secure, elevated private browsing environment without worrying about tracking or leaving a digital footprint.
 
=== '''<code>kasmweb/tor-browser</code>''' ===
#'''''Purpose:''' A containerized version of the Tor Browser, which routes your internet traffic through the Tor network for maximum elevated privacy.
#'''''Use Case:''' Ideal for researchers who require the highest level of privacy and need to bypass censorship or access resources that are otherwise restricted.


= '''<code>kasmweb/firefox</code>''' =
=== '''<code>kasmweb/brave</code>''' ===
#'' '''Purpose:''' This is a pre-configured Firefox browser container designed for privacy and security.
#'''''Purpose:''' Brave is a privacy-focused browser with built-in ad-blocking. This container version from Kasm is optimized for secure browsing.
#'' '''Use Case:''' Perfect for researchers who need a secure, elevated private browsing environment without worrying about tracking or leaving a digital footprint.
#'''''Use Case:''' Great for teams who need a browser that combines ease of use with strong privacy features.
= '''<code>kasmweb/tor-browser</code>''' =
 
#'' '''Purpose:''' A containerized version of the Tor Browser, which routes your internet traffic through the Tor network for maximum elevated privacy.
=== '''<code>jlesage/firefox</code>''' ===
#'' '''Use Case:''' Ideal for researchers who require the highest level of privacy and need to bypass censorship or access resources that are otherwise restricted.
#'''''Purpose:''' A simple Firefox container that’s easy to set up and use. It provides isolated browsing sessions without the complexities of a full Kasm environment.
= '''<code>kasmweb/brave</code>''' =
#'''''Use Case:''' Suitable for individual users who need a straightforward way to browse the internet securely.
#'' '''Purpose:''' Brave is a privacy-focused browser with built-in ad-blocking. This container version from Kasm is optimized for secure browsing.
 
#'' '''Use Case:''' Great for teams who need a browser that combines ease of use with strong privacy features.
=== '''<code>kali-linux/kali-rolling</code>''' ===
= '''<code>jlesage/firefox</code>''' =
#'''''Purpose:''' A containerized version of Kali Linux, a popular distribution used for security auditing and penetration testing.
#'' '''Purpose:''' A simple Firefox container that’s easy to set up and use. It provides isolated browsing sessions without the complexities of a full Kasm environment.
#'''''Use Case:''' While more advanced, this container can be used by research teams needing to test security in an isolated environment.
#'' '''Use Case:''' Suitable for individual users who need a straightforward way to browse the internet securely.
= '''<code>kali-linux/kali-rolling</code>''' =
#'' '''Purpose:''' A containerized version of Kali Linux, a popular distribution used for security auditing and penetration testing.
#'' '''Use Case:''' While more advanced, this container can be used by research teams needing to test security in an isolated environment.


<span id="basic-setup-running-a-firefox-browser-in-docker"></span>
<span id="basic-setup-running-a-firefox-browser-in-docker"></span>
Line 69: Line 77:
=== Steps ===
=== Steps ===


<ol style="list-style-type: decimal;">
# '''Pull the Firefox Docker Image:'''
<li><p>'''Pull the Firefox Docker Image:'''</p>
<syntaxhighlight lang="bash">docker pull jlesage/firefox</syntaxhighlight>
<syntaxhighlight lang="bash">docker pull jlesage/firefox</syntaxhighlight></li>
 
<li><p>'''Run the Docker Container:'''</p>
# '''Run the Docker Container:'''
<syntaxhighlight lang="bash">docker run -d -p 5800:5800 jlesage/firefox</syntaxhighlight></li>
<syntaxhighlight lang="bash">docker run -d -p 5800:5800 jlesage/firefox</syntaxhighlight>
<li><p>'''Access the Browser:'''</p>
 
<ul>
# '''Access the Browser:'''
<li>Navigate to <code>http://localhost:5800</code> in your local web browser to access Firefox.</li></ul>
# Navigate to <code>http://localhost:5800</code> in your local web browser to access Firefox.
</li>
 
<li><p>'''Port Customization:'''</p>
# '''Port Customization:'''
<ul>
# '''Custom Ports:''' If port 5800 is already in use or you need to run multiple instances, you can change the port mapping:
<li><p>'''Custom Ports:''' If port 5800 is already in use or you need to run multiple instances, you can change the port mapping:</p>
<syntaxhighlight lang="bash">docker run -d -p 5900:5800 jlesage/firefox</syntaxhighlight>
<syntaxhighlight lang="bash">docker run -d -p 5900:5800 jlesage/firefox</syntaxhighlight>
<ul>
# This command maps port 5900 on your host to port 5800 in the container, allowing you to access the browser at <code>http://localhost:5900</code>.
<li>This command maps port 5900 on your host to port 5800 in the container, allowing you to access the browser at <code>http://localhost:5900</code>.</li></ul>
</li></ul>
</li></ol>


<span id="use-case"></span>
<span id="use-case"></span>
=== Use Case ===
=== Use Case ===


'' Suitable for quick, isolated web browsing sessions with minimal setup.
''Suitable for quick, isolated web browsing sessions with minimal setup.''


<span id="intermediate-setup-using-kasm-workspaces-for-enhanced-security"></span>
<span id="intermediate-setup-using-kasm-workspaces-for-enhanced-security"></span>
Line 103: Line 107:
=== Steps ===
=== Steps ===


<ol style="list-style-type: decimal;">
# '''Search for and Pull the Kasm Firefox Docker Image:'''
<li><p>'''Search for and Pull the Kasm Firefox Docker Image:'''</p>
# '''Searching for Docker Images:'''
<ul>
# Use Docker Hub to find good Docker images by searching for keywords related to your needs (e.g., “browser,” “firefox,” “security”). Review the image details, including the number of pulls, star ratings, and readme documentation, to ensure it’s a well-maintained and trusted image.
<li><p>'''Searching for Docker Images:'''</p>
<syntaxhighlight lang="bash">docker search kasmweb</syntaxhighlight>
<ul>
# This command searches Docker Hub for images related to Kasm Workspaces.
<li>Use Docker Hub to find good Docker images by searching for keywords related to your needs (e.g., “browser,” “firefox,” “security”). Review the image details, including the number of pulls, star ratings, and readme documentation, to ensure it’s a well-maintained and trusted image.</li></ul>
 
# '''Pull the Specific Firefox Image:'''
<syntaxhighlight lang="bash">docker pull kasmweb/firefox:1.14.0</syntaxhighlight>


<syntaxhighlight lang="bash">docker search kasmweb</syntaxhighlight>
# '''Run the Firefox Container via Kasm Workspaces:'''
<ul>
<syntaxhighlight lang="bash">sudo docker run --rm -it --shm-size=512m -p 6901:6901 -e USER=user -e VNC_PW=password kasmweb/firefox:1.14.0</syntaxhighlight>
<li>This command searches Docker Hub for images related to Kasm Workspaces.</li></ul>
 
</li>
# '''Run the Tor Browser via Kasm Workspaces:'''
<li><p>'''Pull the Specific Firefox Image:'''</p>
<syntaxhighlight lang="bash">sudo docker run --rm -it --shm-size=512m -p 6902:6901 -e USER=user -e VNC_PW=password kasmweb/tor-browser:1.15.0-rolling</syntaxhighlight>
<syntaxhighlight lang="bash">docker pull kasmweb/firefox:1.14.0</syntaxhighlight></li></ul>
 
</li>
# '''Access the Browsers:'''
<li><p>'''Run the Firefox Container via Kasm Workspaces:'''</p>
# Firefox: <code>https://localhost:6901</code>
<syntaxhighlight lang="bash">sudo docker run --rm -it --shm-size=512m -p 6901:6901 -e USER=user -e VNC_PW=password kasmweb/firefox:1.14.0</syntaxhighlight></li>
# Tor Browser: <code>https://localhost:6902</code>
<li><p>'''Run the Tor Browser via Kasm Workspaces:'''</p>
# Use the default VNC password (“password”) to access the sessions.
<syntaxhighlight lang="bash">sudo docker run --rm -it --shm-size=512m -p 6902:6901 -e USER=user -e VNC_PW=password kasmweb/tor-browser:1.15.0-rolling</syntaxhighlight></li>
<li><p>'''Access the Browsers:'''</p>
<ul>
<li>Firefox: <code>https://localhost:6901</code></li>
<li>Tor Browser: <code>https://localhost:6902</code></li>
<li>Use the default VNC password (“password”) to access the sessions.</li></ul>
</li></ol>


<span id="use-case-1"></span>
<span id="use-case-1"></span>
=== Use Case ===
=== Use Case ===


'' Ideal for scenarios requiring enhanced security, such as OSINT operations or secure web research.
''Ideal for scenarios requiring enhanced security, such as OSINT operations or secure web research. Provides a managed attribution solution that prevents any lasting footprint after sessions.''
'' Provides a managed attribution solution that prevents any lasting footprint after sessions.


<span id="why-use-kasm-workspaces-images"></span>
<span id="why-use-kasm-workspaces-images"></span>
=== Why Use Kasm Workspaces Images? ===
=== Why Use Kasm Workspaces Images? ===


'' '''Individual Browser Images:''' These allow you to run specific browsers in isolation with minimal setup. This is ideal for those who need to control their environment closely.
'''''Individual Browser Images:''' These allow you to run specific browsers in isolation with minimal setup. This is ideal for those who need to control their environment closely.
'' '''Full Kasm Workspaces Deployment:''' Kasm provides a GUI for managing multiple browser sessions but requires more resources and comes with a limitation of 5 active sessions in the trial version. This option is better suited for smaller teams or users who prefer an easier, GUI-driven setup.
'''''Full Kasm Workspaces Deployment:''' Kasm provides a GUI for managing multiple browser sessions but requires more resources and comes with a limitation of 5 active sessions in the trial version. This option is better suited for smaller teams or users who prefer an easier, GUI-driven setup.


<span id="advanced-setup-running-multiple-browser-instances-for-team-research"></span>
<span id="advanced-setup-running-multiple-browser-instances-for-team-research"></span>
Line 146: Line 144:
=== Purpose ===
=== Purpose ===


Run multiple instances of browsers (e.g., Firefox) to simulate or support team-based research, each with unique usernames but consistent passwords.
Facilitate team-based research with multiple isolated browser instances using Docker containers.


<span id="steps-2"></span>
<span id="steps-2"></span>
=== Steps ===
=== Steps ===


<span id="macos-and-linux-terminal"></span>
# '''Find and Pull Multiple Docker Images:'''
==== MacOS and Linux Terminal ====
# Pull the required browser images from Docker Hub.
<syntaxhighlight lang="bash">docker pull kasmweb/firefox:1.14.0</syntaxhighlight>
<syntaxhighlight lang="bash">docker pull kasmweb/tor-browser:1.15.0-rolling</syntaxhighlight>


= '''Set Up Variables for Flexible Configuration:''' Paste this into your terminal and adjust the variables as needed. These variables will reset with each terminal session. =
# '''Run Multiple Containers with Different Ports:'''
# Use the following commands to start different containers with distinct ports for each instance:
<syntaxhighlight lang="bash">docker run -d -p 6901:6901 kasmweb/firefox:1.14.0</syntaxhighlight>
<syntaxhighlight lang="bash">docker run -d -p 6902:6901 kasmweb/tor-browser:1.15.0-rolling</syntaxhighlight>


TODO: Create multiple usernames. This will require creating the users within the kasm container. Possibly <code>&quot;useradd -m ${username}$i &amp;&amp; echo '${username}$i:$password' | chpasswd &amp;&amp; su - ${username}$i -c 'startkasmvnc'&quot;</code> Though this may more advanced than a normal user would like to take this or be better suited for a script let along using the official full kasm instance with full userhandling. <code>bash    image=&quot;firefox:1.14.0&quot;     password=&quot;your_password_here&quot; #default password for all users    username=&quot;user&quot; #base username for users and name of container    ct_num=6 #number of containers of this type to start</code>
# '''Organize Containers:'''
# '''Set Up Docker Compose:''' Use Docker Compose for managing multiple containers. Create a `docker-compose.yml` file:
<syntaxhighlight lang="yaml">
version: '3'
services:
  firefox:
    image: kasmweb/firefox:1.14.0
    ports:
      - "6901:6901"
  tor-browser:
    image: kasmweb/tor-browser:1.15.0-rolling
     ports:
      - "6902:6901"
</syntaxhighlight>


<ol start="2" style="list-style-type: decimal;">
# '''Start All Services:'''
<li><p>'''Create a Loop to Run Multiple Firefox Containers:''' This loop will create as many Docker containers of the Kasm image as you want to run.</p>
<syntaxhighlight lang="bash">docker-compose up -d</syntaxhighlight>
<syntaxhighlight lang="bash">for i in {1..$ct_num}; do
    sudo docker run --rm -d --shm-size=512m -p $((6900+i)):6901  -e VNC_PW="$password" --name="${username}$i" kasmweb/"$image"
    echo "https://localhost:$((6900+i))"
    sleep 2 # briefly pause before starting the next container
done</syntaxhighlight>
<span id="windows-cmd"></span>
==== Windows CMD ====


<p>``<code> shell @echo off set image=firefox:1.14.0 set password=your_password_here set username=user set ct_num=6</p></li></ol>
# '''Access the Browsers:'''
 
# Firefox: <code>http://localhost:6901</code>
for /L %%i in (1,1,%ct_num%) do ( docker run –rm -d –shm-size=512m -p 690%%i:6901 -e USER=%username% -e VNC_PW=%password% –name=%username%%%i kasmweb/%image% echo https://localhost:690%%i timeout /t 2 )
# Tor Browser: <code>http://localhost:6902</code>
 
</code><code><code>3. '''Access the Instances:'''   - Each instance is accessible via a different port:     -</code>https://localhost:6901<code>for</code>user1<code>-</code>https://localhost:6902<code>for</code>user2<code>- ...      -</code>https://localhost:6915<code>for</code>user15</code> - Use the same VNC password to access all instances.
 
Make sure you access via HTTPS, or you will encounter an error and not see the session.


<span id="use-case-2"></span>
<span id="use-case-2"></span>
=== Use Case ===
=== Use Case ===


'' Ideal for research teams needing to maintain continuity of fingerprinting while working collaboratively.
''Perfect for collaborative research teams needing multiple isolated browsing environments to perform simultaneous tasks without any cross-interference.''
'' Allows for managed attribution across multiple sessions while maintaining security and elevated privacy.
 
<span id="advanced-considerations-network-configuration-for-consistent-ip-attribution-and-secure-remote-access"></span>
== 5. Advanced Considerations: Network Configuration for Consistent IP Attribution and Secure Remote Access ==
 
<span id="purpose-3"></span>
=== Purpose ===
 
For teams or individuals needing to maintain consistent IP attribution or requiring secure remote access to resources, various network configuration options can be employed. These include using a VPN for consistent IP attribution, Tailscale for secure device connectivity, and Cloudflare Tunnel for accessing services via a domain.
 
<span id="options"></span>
=== Options ===
 
<span id="using-a-vpn-for-consistent-ip-attribution"></span>
=== 1. '''Using a VPN for Consistent IP Attribution''' ===
 
'' '''Purpose:''' To ensure that all Docker containers appear as though they are originating from the same IP address, which can be crucial for maintaining a consistent digital fingerprint across multiple sessions.
'' '''Steps:'''
''# '''Install and Configure a VPN on the Host:'''
''#'' Choose and install a VPN client on your host machine.
''#'' Connect to the VPN before starting any Docker containers.
''# '''Run Docker Containers After Connecting to the VPN:'''
''#'' Start your Docker containers as usual after the VPN is active. This ensures that all container traffic routes through the VPN, providing a unified IP address for all operations.
'' '''Use Case:''' Useful for teams conducting coordinated research that needs to appear as originating from a single entity, thereby maintaining consistent attribution.
 
<span id="using-tailscale-for-secure-connectivity-across-devices"></span>
=== 2. '''Using Tailscale for Secure Connectivity Across Devices''' ===
 
'' '''Purpose:''' Tailscale allows you to create a secure, encrypted network between your devices, enabling them to communicate with each other as if they were on the same local network, regardless of their physical location.
'' '''Steps:'''
''# '''Install Tailscale on Your Devices:'''
''#'' Download and install Tailscale on your host machine and any remote devices you want to connect.
''# '''Authenticate and Join the Network:'''
''#'' Log in with your Tailscale account and join your devices to the same Tailscale network.
''# '''Access Docker Containers Remotely:'''
''#'' Use Tailscale IP addresses to securely access your Docker containers from any device on the Tailscale network.
'' '''Use Case:''' Ideal for researchers or teams needing secure remote access to Docker containers and other services hosted on the same network, without the complexity of traditional VPNs.
 
<span id="using-cloudflare-tunnel-for-secure-domain-access"></span>
=== 3. '''Using Cloudflare Tunnel for Secure Domain Access''' ===
 
'' '''Purpose:''' Cloudflare Tunnel (formerly Argo Tunnel) allows you to securely expose your Docker containers to the internet via a custom domain without needing to open ports on your host machine.
'' '''Steps:'''
''# '''Visit Cloudflare Tunnel Website:'''
''#'' For detailed instructions on setting up Cloudflare Tunnel, visit the [https://one.dash.cloudflare.com/ Cloudflare Tunnel website] and select tunnels on the left-hand menu. (You will need a Cloudflare account and domain name to proceed with this method.)
''# '''Install Cloudflared:'''
''#'' Follow the instructions provided by Cloudflare to install the Cloudflared daemon on your host machine.
''# '''Authenticate with Cloudflare:'''
''#'' Log in to your Cloudflare account and authenticate the tunnel as instructed.
''# '''Create and Configure a Tunnel:'''
''#'' Set up a Cloudflare Tunnel to forward traffic from your domain to your Docker containers as guided by Cloudflare.
''# '''Access Your Docker Containers via Domain:'''
''#'' Once configured, your Docker containers will be accessible securely via your custom domain, managed through Cloudflare.
'' '''Use Case:''' Perfect for teams or individuals who need to access Docker containers securely over the internet without exposing their IP address, or for those needing to provide remote access to services through a domain.


<span id="further-resources"></span>
== Related Resources ==
== Further Resources ==


'' '''Kasm Technologies Documentation:''' [https://kasmweb.com/docs/ Kasm Workspaces Documentation]
* [[https://hub.docker.com/ Docker Hub]]
'' '''Community Edition:''' [https://kasmweb.com/community-edition Kasm Community Edition]
* [[https://kasmweb.com/get-started Kasm Workspaces Documentation]]
'' '''Docker Hub Search:''' [https://hub.docker.com/ Docker Hub]
* [[https://github.com/kasmtech Kasm GitHub Repository]]
* '''Install Docker:''' [https://docs.docker.com/get-docker/ Docker Installation Guide]
* [[https://www.techradar.com/news/the-best-vpn Kasm Reviews]]

Latest revision as of 01:59, 10 September 2024

Containers for Digital Force Protection and Collaborative Research

Return to DFP Guides Return to Research

Overview

This guide provides a step-by-step approach to using Docker containers for achieving digital force protection, maintaining elevated privacy, and ensuring continuity of system/behavior fingerprinting while conducting research. The instructions range from setting up simple, single-instance browser containers to more complex configurations involving multiple instances, using Kasm Workspaces images. The focus is on how containers can be used to protect against digital threats and manage attribution in a collaborative research environment.

1. What Are Containers and How Do They Compare to VMs?

Containers are lightweight, standalone, and executable software packages that include everything needed to run a piece of software, including the code, runtime, libraries, and dependencies. Unlike virtual machines (VMs), containers share the host system’s kernel and resources, making them much more efficient in terms of performance and resource usage.

Benefits of Containers

Isolation: Containers provide process and network isolation, ensuring that software runs in a secure, isolated environment.

  1. Real-World Example: A research team uses containers to run multiple instances of a browser for OSINT operations, ensuring that each instance is isolated and cannot interfere with or affect others, which would be a risk if all instances were running on a shared VM.

Efficiency: Containers are lightweight compared to VMs, allowing for faster startup times and reduced resource consumption.

  1. Real-World Example: A development team uses containers to deploy services in production. Since containers are lightweight, they can quickly scale up or down depending on the load, reducing costs and improving performance.

Shortcomings Compared to VMs

Shared Kernel: Containers share the host system’s kernel, which might pose a security risk if the kernel is compromised.

  1. Real-World Example: If a vulnerability exists in the host kernel, it could potentially be exploited to escape a container and affect other containers or the host system, which is less likely with a fully isolated VM.

Limited Hardware Emulation: Unlike VMs, containers cannot emulate hardware, which might be necessary for some applications.

  1. Real-World Example: A company needing to test software on different hardware architectures (e.g., ARM vs. x86) would need to use VMs or physical hardware, as containers cannot emulate different hardware architectures.

Installing Docker

To begin using Docker, you need to install it on your system. Follow the official Docker installation guide based on your operating system:

  1. Install Docker

Installing Kasm Workspaces

To install Kasm Workspaces, follow the instructions provided in the Kasm Workspaces Documentation to install the Community Edition or the Enterprise Edition based on your requirements.

Finding Containers

Find Open Source Containers: Docker Hub List of Kasm-ready containers: Kasmweb Docker Hub

kasmweb/firefox

  1. Purpose: This is a pre-configured Firefox browser container designed for privacy and security.
  2. Use Case: Perfect for researchers who need a secure, elevated private browsing environment without worrying about tracking or leaving a digital footprint.

kasmweb/tor-browser

  1. Purpose: A containerized version of the Tor Browser, which routes your internet traffic through the Tor network for maximum elevated privacy.
  2. Use Case: Ideal for researchers who require the highest level of privacy and need to bypass censorship or access resources that are otherwise restricted.

kasmweb/brave

  1. Purpose: Brave is a privacy-focused browser with built-in ad-blocking. This container version from Kasm is optimized for secure browsing.
  2. Use Case: Great for teams who need a browser that combines ease of use with strong privacy features.

jlesage/firefox

  1. Purpose: A simple Firefox container that’s easy to set up and use. It provides isolated browsing sessions without the complexities of a full Kasm environment.
  2. Use Case: Suitable for individual users who need a straightforward way to browse the internet securely.

kali-linux/kali-rolling

  1. Purpose: A containerized version of Kali Linux, a popular distribution used for security auditing and penetration testing.
  2. Use Case: While more advanced, this container can be used by research teams needing to test security in an isolated environment.

2. Basic Setup: Running a Firefox Browser in Docker

Purpose

A simple, isolated environment for web browsing using a standard Firefox Docker image.

Steps

  1. Pull the Firefox Docker Image:

<syntaxhighlight lang="bash">docker pull jlesage/firefox</syntaxhighlight>

  1. Run the Docker Container:

<syntaxhighlight lang="bash">docker run -d -p 5800:5800 jlesage/firefox</syntaxhighlight>

  1. Access the Browser:
  2. Navigate to http://localhost:5800 in your local web browser to access Firefox.
  1. Port Customization:
  2. Custom Ports: If port 5800 is already in use or you need to run multiple instances, you can change the port mapping:

<syntaxhighlight lang="bash">docker run -d -p 5900:5800 jlesage/firefox</syntaxhighlight>

  1. This command maps port 5900 on your host to port 5800 in the container, allowing you to access the browser at http://localhost:5900.

Use Case

Suitable for quick, isolated web browsing sessions with minimal setup.

3. Intermediate Setup: Using Kasm Workspaces for Enhanced Security

Purpose

Leverage Kasm Workspaces’ containerized browser images to ensure elevated privacy and protection from tracking while conducting sensitive research.

Steps

  1. Search for and Pull the Kasm Firefox Docker Image:
  2. Searching for Docker Images:
  3. Use Docker Hub to find good Docker images by searching for keywords related to your needs (e.g., “browser,” “firefox,” “security”). Review the image details, including the number of pulls, star ratings, and readme documentation, to ensure it’s a well-maintained and trusted image.

<syntaxhighlight lang="bash">docker search kasmweb</syntaxhighlight>

  1. This command searches Docker Hub for images related to Kasm Workspaces.
  1. Pull the Specific Firefox Image:

<syntaxhighlight lang="bash">docker pull kasmweb/firefox:1.14.0</syntaxhighlight>

  1. Run the Firefox Container via Kasm Workspaces:

<syntaxhighlight lang="bash">sudo docker run --rm -it --shm-size=512m -p 6901:6901 -e USER=user -e VNC_PW=password kasmweb/firefox:1.14.0</syntaxhighlight>

  1. Run the Tor Browser via Kasm Workspaces:

<syntaxhighlight lang="bash">sudo docker run --rm -it --shm-size=512m -p 6902:6901 -e USER=user -e VNC_PW=password kasmweb/tor-browser:1.15.0-rolling</syntaxhighlight>

  1. Access the Browsers:
  2. Firefox: https://localhost:6901
  3. Tor Browser: https://localhost:6902
  4. Use the default VNC password (“password”) to access the sessions.

Use Case

Ideal for scenarios requiring enhanced security, such as OSINT operations or secure web research. Provides a managed attribution solution that prevents any lasting footprint after sessions.

Why Use Kasm Workspaces Images?

Individual Browser Images: These allow you to run specific browsers in isolation with minimal setup. This is ideal for those who need to control their environment closely. Full Kasm Workspaces Deployment: Kasm provides a GUI for managing multiple browser sessions but requires more resources and comes with a limitation of 5 active sessions in the trial version. This option is better suited for smaller teams or users who prefer an easier, GUI-driven setup.

4. Advanced Setup: Running Multiple Browser Instances for Team Research

Purpose

Facilitate team-based research with multiple isolated browser instances using Docker containers.

Steps

  1. Find and Pull Multiple Docker Images:
  2. Pull the required browser images from Docker Hub.

<syntaxhighlight lang="bash">docker pull kasmweb/firefox:1.14.0</syntaxhighlight> <syntaxhighlight lang="bash">docker pull kasmweb/tor-browser:1.15.0-rolling</syntaxhighlight>

  1. Run Multiple Containers with Different Ports:
  2. Use the following commands to start different containers with distinct ports for each instance:

<syntaxhighlight lang="bash">docker run -d -p 6901:6901 kasmweb/firefox:1.14.0</syntaxhighlight> <syntaxhighlight lang="bash">docker run -d -p 6902:6901 kasmweb/tor-browser:1.15.0-rolling</syntaxhighlight>

  1. Organize Containers:
  2. Set Up Docker Compose: Use Docker Compose for managing multiple containers. Create a `docker-compose.yml` file:

<syntaxhighlight lang="yaml"> version: '3' services: 

 firefox:
   image: kasmweb/firefox:1.14.0
   ports:
     - "6901:6901"
 tor-browser:
   image: kasmweb/tor-browser:1.15.0-rolling
   ports:
     - "6902:6901"

</syntaxhighlight>

  1. Start All Services:

<syntaxhighlight lang="bash">docker-compose up -d</syntaxhighlight>

  1. Access the Browsers:
  2. Firefox: http://localhost:6901
  3. Tor Browser: http://localhost:6902

Use Case

Perfect for collaborative research teams needing multiple isolated browsing environments to perform simultaneous tasks without any cross-interference.

Related Resources

Retrieved from "https://irregularpedia.org/index.php?title=Research-containers&oldid=317"