Several IPs from Digital Ocean are trying to hack me

From my access logs, I'm seeing a bunch of IP addresses that whatismyipaddress.com says are from Digital Ocean that are hitting some of my domains trying to break in. (I've seen a few from Linode as well.)

Should these IPs be reported to DO (and Linode?) along with the lines from the access log? Would it do any good or just a waste of time?

1 Reply

> Should these IPs be reported to DO (and Linode?) along with the lines from the access log? Would it do any good or just a waste of time?

You should report them. Send your report to abuse@digitalocean.com. File a Linode support ticket too (to report the Linode addresses). I actually got a response from DO about 6 weeks ago when I discovered their stable of "security researchers" were trying to (brute-force) hack me.

Linode takes intrusion attempts by other Linodes pretty seriously. I've reported several and they always stop (I don't know what the ultimate disposition of the case was due to privacy restrictions but the attempts always stop and they never start up again).

Meanwhile, you should block every IP address in AS14061. With Net-/FreeBSD pf, this is easy. With iptables on Linux not so much…

Hint… It'll involve at least 2 rules and 2 ipsets -- 1 rule and 1 ipset each for IPv4 and IPv6.

-- sw
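
The hint in the reply above, spelled out as an added example (not part of the original reply): two `hash:net` ipsets plus one rule each in iptables and ip6tables. The set names and the sample prefixes (documentation ranges, not the real AS14061 announcements) are assumptions; the real prefix list has to come from a routing registry or BGP data source.

```shell
#!/bin/sh
# Block every prefix of one AS: 1 ipset + 1 rule for IPv4, 1 ipset + 1 rule for IPv6.
V4_SET="blk-as14061-v4"   # hypothetical set names
V6_SET="blk-as14061-v6"

# Constructed sample input (RFC 5737 / RFC 3849 documentation ranges),
# NOT the real AS14061 prefixes.
SAMPLE_PREFIXES='# constructed sample
192.0.2.0/24
198.51.100.0/24
2001:db8:1::/48
not-a-prefix
203.0.113.0/24'

# Read one prefix per line on stdin, write "ipset restore" input on stdout.
# Comments, blank lines and anything that is not CIDR-shaped are skipped.
gen_ipset_restore() {
  printf 'create %s hash:net family inet\n'  "$V4_SET"
  printf 'create %s hash:net family inet6\n' "$V6_SET"
  while read -r p _ || [ -n "$p" ]; do
    p=${p%%#*}
    [ -z "$p" ] && continue
    case "$p" in
      *[!0-9A-Fa-f:./]*) echo "skipping: $p" >&2 ;;   # stray characters
      *:*/*)             printf 'add %s %s\n' "$V6_SET" "$p" ;;
      *.*.*.*/*)         printf 'add %s %s\n' "$V4_SET" "$p" ;;
      *)                 echo "skipping: $p" >&2 ;;
    esac
  done
}

# Load the sets and insert the two DROP rules (needs root). -exist makes the
# restore repeatable; -C checks for the rule first so it is not duplicated.
apply_block() {
  gen_ipset_restore | ipset -exist restore || return 1
  iptables  -C INPUT -m set --match-set "$V4_SET" src -j DROP 2>/dev/null ||
    iptables  -I INPUT -m set --match-set "$V4_SET" src -j DROP
  ip6tables -C INPUT -m set --match-set "$V6_SET" src -j DROP 2>/dev/null ||
    ip6tables -I INPUT -m set --match-set "$V6_SET" src -j DROP
}

# Nothing is changed unless called as: sh block-as.sh --apply prefixes.txt
if [ "${1:-}" = "--apply" ] && [ -n "${2:-}" ]; then
  apply_block < "$2"
fi
```

Run `printf '%s\n' "$SAMPLE_PREFIXES" | gen_ipset_restore` first to inspect what would be loaded; the sets and rules do not survive a reboot unless saved by whatever persistence mechanism the distribution uses.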
