stackoom
  简体   繁体   中英

(How) Can I run Windows Defender in a docker container? Getting errors

 原文  2021-12-05 16:13:51       docker/ powershell/ windows-defender

Question

I'm experimenting with some options for an endpoint pen-testing lab for a Windows environment, and Docker seems like a pretty light-weight and easily configurable option. However, upon testing Windows Defender within this setup I'm faced with errors and every help thread answer I've found on it has just resulted in more errors. Is running Windows Defender in a docker container not doable?

What I've tried:

Ran a docker Windows container:

PS C:\WINDOWS\system32> docker run mcr.microsoft.com/windows:20H2
Unable to find image 'mcr.microsoft.com/windows:20H2' locally
20H2: Pulling from windows
f26dc4584b4d: Pull complete
881882374a3c: Pull complete
Digest: sha256:bfcfdafc3db9b35528635acfdbc07169ed0a6b8af88feb7b6e1da62cd4f3b748
Status: Downloaded newer image for mcr.microsoft.com/windows:20H2
Microsoft Windows [Version 10.0.19042.1348]
(c) Microsoft Corporation. All rights reserved.

C:\>

Then within that container CLI, ran:

PS C:\> (Get-Service windefend).Status
Stopped

PS C:\> Start-Service windefend
Start-Service : Service 'Microsoft Defender Antivirus Service (windefend)'
on computer '.'.
At line:1 char:1
+ Start-Service windefend
+ ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OpenError: (System.ServiceProcess.ServiceControl
   ler:ServiceController) [Start-Service], ServiceCommandException
    + FullyQualifiedErrorId : CouldNotStartService,Microsoft.PowerShell.Comman
   ds.StartServiceCommand

PS C:\> Get-MpComputerStatus
Get-MpComputerStatus : A general error occurred that is not covered by a more
specific error code.
At line:1 char:1
+ Get-MpComputerStatus
+ ~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (MSFT_MpComputerStatus:ROOT\Micros
   oft\...pComputerStatus) [Get-MpComputerStatus], CimException
    + FullyQualifiedErrorId : HRESULT 0x800106ba,Get-MpComputerStatus

These error messages, to my eyes, aren't helpful. I have no idea what CategoryInfo: NotSpecified: (MSFT_MpComputerStatus:ROOT\Microsoft\...pComputerStatus) [Get-MpComputerStatus], CimException means, nor FullyQualifiedErrorId: HRESULT 0x800106ba,Get-MpComputerStatus , and it doesn't seem to allude to any reason why it can't start the service. Hence, I'm wondering if it's just not possible.

1 answers

solution1
 -2  2022-01-04 04:01:31

I am in the same boat, did you find out how to enable it?

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How can I run a docker windows container on osx? How can I allocate more memory to the Windows VM that Docker for Windows is using when I run a Windows container? On Azure, can I run a Windows Docker container in an ASE? How can I run docker container without entering into container How can I run a Docker container that can reach LAN? Errors trying to run Maven inside a Docker container on a Windows 10 host Windows Defender/Update issues when running inside Windows Docker Container Windows Server 2016 How to run a windows docker container on linux host? How can I run container with process.argv in Docker? How can I run a docker container on localhost over the default IP?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM