搬瓦工VPS一直被某IP嘗試SSH登錄

我在搬瓦工上買了VPS服務(wù)器，發(fā)現(xiàn)某一IP每隔1小時就會嘗試通過ssh登錄我的服務(wù)器。

/var/log/secure記錄

Dec 19 20:46:36 Bandwagon sshd[30994]: Bad protocol version identification 'GET / HTTP/1.0' from 107.182.184.17
Dec 19 20:46:36 Bandwagon sshd[30995]: Did not receive identification string from 107.182.184.17
Dec 19 20:46:36 Bandwagon sshd[30996]: Bad protocol version identification 'GET / HTTP/1.0' from 107.182.184.17
Dec 19 20:46:36 Bandwagon sshd[30997]: Did not receive identification string from 107.182.184.17
Dec 19 21:47:00 Bandwagon sshd[31000]: Bad protocol version identification 'GET / HTTP/1.0' from 107.182.184.17
Dec 19 21:47:00 Bandwagon sshd[31001]: Did not receive identification string from 107.182.184.17
Dec 19 21:47:00 Bandwagon sshd[31002]: Bad protocol version identification 'GET / HTTP/1.0' from 107.182.184.17
Dec 19 21:47:00 Bandwagon sshd[31003]: Did not receive identification string from 107.182.184.17
Dec 19 22:46:57 Bandwagon sshd[31006]: Bad protocol version identification 'GET / HTTP/1.0' from 107.182.184.17
Dec 19 22:46:57 Bandwagon sshd[31007]: Did not receive identification string from 107.182.184.17
Dec 19 22:46:57 Bandwagon sshd[31008]: Bad protocol version identification 'GET / HTTP/1.0' from 107.182.184.17
Dec 19 22:46:57 Bandwagon sshd[31009]: Did not receive identification string from 107.182.184.17
Dec 19 23:47:04 Bandwagon sshd[31012]: Bad protocol version identification 'GET / HTTP/1.0' from 107.182.184.17
Dec 19 23:47:04 Bandwagon sshd[31013]: Did not receive identification string from 107.182.184.17
Dec 19 23:47:04 Bandwagon sshd[31014]: Bad protocol version identification 'GET / HTTP/1.0' from 107.182.184.17
Dec 19 23:47:04 Bandwagon sshd[31015]: Did not receive identification string from 107.182.184.17

日志中可以看到這個107.182.184.17每隔一小時就嘗試登錄一次。
服務(wù)器ssh被攻擊是很平常的事，我也知道如何使用denyhosts自動屏蔽IP
我奇怪的是這個IP地址。

下圖是我用www.ipip.net網(wǎng)站的traceroute查詢的我VPS的結(jié)果
圖片描述
可以看到第15個跳數(shù)的IP就是上面日志中一直出現(xiàn)的107.182.184.17。
這個IP應(yīng)該位于我VPS同一機房，同樣歸搬瓦工所有。