Networking disabled digitalocean


#1

Hi

every time I try to run shinyproxy on a digitalocean droplet I get a DOS message from digitalocean and my droplet goes offline … had anyone the same experience and can tell me how I can handle this? I do not think that it is realy is a security problem… (The IP adress is not realy public, it is only for testing purpose and I use a rsa key …)

Thank you,
Christof

It is only a default installation…

sudo apt-get update
sudo apt-get -y install r-base libapparmor1 libcurl4-gnutls-dev libxml2-dev libssl-dev gdebi-core
sudo apt-get install libcairo2-dev
sudo apt-get install libxt-dev
sudo apt-get install git-core
sudo apt-get install build-essential
# add 1G of swap space:
sudo /bin/dd if=/dev/zero of=/var/swap.1 bs=1M count=1024
sudo /sbin/mkswap /var/swap.1
sudo /sbin/swapon /var/swap.1
sudo sh -c 'echo "/var/swap.1 swap swap defaults 0 0 " >> /etc/fstab'
sudo mkdir /usr/lib/jvm
sudo cd /usr/lib/jvm/
sudo wget http://cdn.azul.com/zulu/bin/zulu8.21.0.1-jdk8.0.131-linux_amd64.deb
sudo apt-get -f install java-common
sudo apt-get -f install
sudo dpkg -i zulu8.21.0.1-jdk8.0.131-linux_amd64.deb
sudo apt-get update
sudo apt-get install apt-transport-https ca-certificates curl software-properties-common

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo apt-key fingerprint 0EBFCD88
sudo add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
   $(lsb_release -cs) stable"
sudo apt-get update
sudo apt-get install docker-ce
sudo service docker status

# On an Ubuntu 16.04 LTS system (or a similar system that uses systemd) 
# this can be set in the /lib/systemd/system/docker.service file as follows:
ExecStart=/usr/bin/dockerd -H fd:// -D -H tcp://0.0.0.0:2375
# To reload the configuration and restart docker use

sudo systemctl daemon-reload
sudo systemctl restart docker

systemctl status docker.service


wget https://www.shinyproxy.io/downloads/shinyproxy-0.9.3.jar
sudo docker pull openanalytics/shinyproxy-demo
sudo docker images | grep shinyproxy
java -jar shinyproxy-0.9.3.jar  

and after I view hours or days I become something like

“We’ve detected an outgoing Denial of Service attack (…) originating from your Droplet. Specifically, we have detected inbound traffic exceeding 0.0 Mb/s and outbound traffic exceeding 0.0 Mb/s. Due to the traffic’s harmful nature, your Droplet was taken offline; this means it is not connected to the internet and all hosted sites and services are unreachable. We know that this action is disruptive, but it’s necessary to protect you, our network, and the target of your Droplet’s attack.”


#2

Hi @ckluss,

We never heard this before. If the port on which to access the Docker daemon is open and not secured, I can imagine it to be used to pull and run a malicious container (?)

Best,
Tobias