Digitalocean.com has misconfigured their network in a way that allows for anyone to monitor customer network traffic. During the process of checking MySQL replication between master and slave, I noticed there was a lot of background noise in tcpdump. It seems DigitalOcean has, using KVM and libvirt per their own recognition, put the libvirt-interface in an overly large bridge, and then kept applying more and more networks (multiple /24, it seems). While this might be a convenient way of assigning new networks to an ever-growing customer stock, it also sort of turns the entire thing into an amateur radio station (using the word amateur here to denote the activity, not the skill level of Digitalocean staff!). I do not want to be able to read what goes on with various mail, ircd, web and Microsoft sql servers, in networks far outside of my logical reach, as a customer with one IPv4. I am not an angry ex-customer. I will keep using their services, if this is fixed. I will not paste logs as that would add nothing to my disclosure, more than a possibility to exploit innocent users. I wish to encourage the community to take a few steps back and not engage in target practice, while Digitalocean undoubtedly remedies this situation (I have been in contact with them repeatedly before coming here). I hope that this helps, for whatever it's worth. This is where my involvement ends. I leave this information in the hands of the community.Best Regards, Johan Boger (also posted on full disclosure).