Docker syslog container - Autostarting randomly

dinesh · February 21, 2020, 1:53pm

Hi, I need a clarification regarding a docker situation.

Background Info:
I have a few docker containers running in a server with an own private docker repository.
I also have watchtower container to update all the images automatically and a portainer container to monitor them all.
Everything is running fine for a few months.

Problem:
Sometimes there is a new container with a random name from the image “syslog2:latest” that automatically starts during midnight and keeps running.
The logs of this conatiner are more strange. Few lines from the logs:

30
30
knock
0
0
http://54.39.10.60:8087//bots/knock?worker=Universal&os=Linux&version=1.1
0
0
0

Everytime I delete this container, it reappears after some days randomly.

I wish to know if this is some sort of serious security vulnerability or just a bug.

Any suggestion is welcome. Thanks in advance…

Topic		Replies	Views
Unexpected container starts every night even after stopped, removed and deleted General	0	537	May 10, 2018
Docker images and security updates General	5	3198	February 10, 2023
Docker Images/Container missing General	2	6129	May 14, 2020
[Solved] Syslog full of "unknown container" warnings for existing container General	1	6176	January 22, 2018
Newbie admin questions General	1	953	October 31, 2016

Docker syslog container - Autostarting randomly

Related topics