Example to so how to collect the flows during a SSH brute force attack with DOROTHEA & nmap.
$ cd examples/port-scanCheck the configuration file (dorothea-pmacctd.conf), and the nmap arguments on the (docker-compose.yml) attacker command.
The services (containers) will be attached to the default docker network
docker0with subnet172.17.0.0/16. Check this values in case you have different ones on your environtment or you created some modifications to this scenario.
$ docker compose up$ docker compose down