Workload misconfigurations

Ensure Userland Proxy is Disabled (Automated)

Platform(s)
Compliance Frameworks
  • Docker CIS V1.3.1
  • ,
  • NIST 800-190

Description

The Docker daemon starts a userland proxy service for port forwarding whenever a port is exposed. Where hairpin NAT is available, this service is generally superfluous to requirements and can be disabled.