Question
Why am I getting port 22 scans from DigitalOcean servers?
- Posted February 22, 2015
The following is a list I have compiled over the past few months for port 22 scans coming from Digital Ocean owned IP addresses. :
| IP Address | Count |
|---|---|
| 128.199.40.193 | 1 |
| 128.199.41.163 | 6 |
| 128.199.46.245 | 2 |
| 128.199.53.176 | 1 |
| 128.199.64.51 | 3 |
| 128.199.65.43 | 3 |
| 128.199.100.180 | 6 |
| 128.199.101.13 | 3 |
| 128.199.116.46 | 1 |
| 128.199.133.77 | 6 |
| 128.199.143.40 | 6 |
| 128.199.150.69 | 12 |
| 128.199.154.171 | 3 |
| 128.199.169.107 | 12 |
| 128.199.185.43 | 6 |
| 128.199.194.193 | 3 |
| 128.199.196.161 | 9 |
| 128.199.198.197 | 1 |
| 128.199.201.53 | 2 |
| 128.199.206.104 | 1 |
| 128.199.206.158 | 1 |
| 128.199.207.10 | 2 |
| 128.199.218.142 | 1 |
| 128.199.219.180 | 1 |
| 128.199.229.55 | 3 |
| 128.199.230.165 | 4 |
| 128.199.232.39 | 3 |
| 128.199.234.223 | 6 |
| 128.199.246.104 | 2 |
| 128.199.246.223 | 2 |
| 128.199.255.44 | 1 |
Could these be signs that the servers have been compromised or abused? What other reasons could there be for scans like these?
Subscribe
Share
Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Sign in to AnswerThese answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
They are most likely compromised or being used for abuse. Send an e-mail to abuse@digitalocean.com