Skip to content

Update Docker installation instructions #4297

New issue
New issue
Open
Open
Update Docker installation instructions#4297
Labels
DocumentationIssues relating to the project's documentation like readme files, guides, etc.
@mssalvatore

Description

@mssalvatore
mssalvatore
opened on Mar 2, 2026

Documentation request

Edit existing content 📝

Which page(s) do you want us to edit?
docs/content/setup/docker.md

What do you think should be changed?

The instructions for setting up Infection Monkey on Docker instruct the user to use the host network driver. The MongoDB server does not use any kind of authentication. Therefore, if the host is not protected by a host-based firewall that limits access to the MongoDB ports, malicious actors on the local network or public internet could modify the contents of the MongoDB instance. See #4296

  1. Modify the docker installation instructions so that the MongoDB process is only listening on the localhost.
  2. Verify that there is, indeed, no access control around the MongoDB process.
  3. Add a caveat to all installation instructions that the Monkey Island is intended to be run on its own host/VM because it's Mongo instance is unsecured, but listening only on the local host.

Metadata

Metadata

Assignees

No one assigned

    Labels

    DocumentationIssues relating to the project's documentation like readme files, guides, etc.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions