Beta version. In progress, see the To-Do section
Unofficial snort3 IDS/IPS software docker image.
- From : Debian Bookworm Slim.
- Size : 778 MB.
- Time : Build from source. Take multiples minutes depending on your system.
- Trivy : 0 unfixed vulnerabilities.
docker pull mikehorn/snort3:latest
git clone https://github.com/MikeHorn-git/docker-snort3.git
cd docker-snort3/
docker compose build
To use file from your host :
- Create a directory in your home with the name snort.
- Modify the docker-compose.yml, to replace the $USER var to your username in the volumes section.
- Place the files you want in host : /home/$USER/snort
- In the docker container they are available at /files
docker compose run --rm snort3 -i eth0
docker compose run --rm snort3 -r /files/file.pcap
- The snort3 Docker image is scanned with trivy to improve security.
- Install docker-bench-security for hardening your host.
- Create and configure snort.conf file.
- Add docker-compose.yml file.
- Push image to Docker Hub.