April 17, 2021

Help! Connections from China? Brazil?

I run a small Ubuntu / Apache server on DigitalOcean. I just looked at netstat -antp and saw a few “ESTABLISHED” connections from China, Hong Kong, Brazil… Should I be concerned? What exactly does it mean if they are “ESTABISHED”? Here’s what I’m seeing:


|Foreign Address|State|PID/Program Nam|
|(Chinese IP address)|ESTABLISHED|5605/sshd: [accepte|
|(Brazilian IP address)|ESTABLISHED|5607/sshd: unknown|


Does this mean someone in China has access to my web server?? Sorry for any ignorance. I do my best to keep my server secure (hence this discover and this post). I’m hoping that I’m just misunderstanding something. Any help is appreciated.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.