Hi, I need a clarification regarding a docker situation.
I have a few docker containers running in a server with an own private docker repository.
I also have watchtower container to update all the images automatically and a portainer container to monitor them all.
Everything is running fine for a few months.
Sometimes there is a new container with a random name from the image “syslog2:latest” that automatically starts during midnight and keeps running.
The logs of this conatiner are more strange. Few lines from the logs:
30 30 knock 0 0 http://22.214.171.124:8087//bots/knock?worker=Universal&os=Linux&version=1.1 0 0 0
Everytime I delete this container, it reappears after some days randomly.
I wish to know if this is some sort of serious security vulnerability or just a bug.
Any suggestion is welcome. Thanks in advance…