Guys, I have ubuntu 10.10 in my pc. Recently when I connected to internet (via my phone) i saw a LOT of traffic going out and also coming to my computer(i have a third party app to monitor the traffic). It starts instantly when i connected and i didn't open any application (not even updates). The worst thing is that this traffic is not monitored in some apps(i can say them trustworthy apps like google desktop gadgets). The most interesting thing is when i tried to identify the app doing this by stopping each processes in process monitor one by one. I saw that when i stopped pulseaudio, the traffic stopped slowly after a while. Now i usually stop it before connecting to the internet. But it causes problems with audio and video. I doubt this is a virus or a rootkit(oh god, dont be so). So i need help with this. Can anyone help me guys? (I am not an expert in linux but,kinda of a newbie.)
Hmmmm.....Its checking for stuff to update. If you run any OS and are connected to net, there will always be traffic unless you turn the feature off On Wed, Jul 20, 2011 at 9:44 AM, The sherminator <steve.kim41@gmail.com>wrote:
Guys, I have ubuntu 10.10 in my pc. Recently when I connected to internet (via my phone) i saw a LOT of traffic going out and also coming to my computer(i have a third party app to monitor the traffic). It starts instantly when i connected and i didn't open any application (not even updates). The worst thing is that this traffic is not monitored in some apps(i can say them trustworthy apps like google desktop gadgets). The most interesting thing is when i tried to identify the app doing this by stopping each processes in process monitor one by one. I saw that when i stopped pulseaudio, the traffic stopped slowly after a while. Now i usually stop it before connecting to the internet. But it causes problems with audio and video. I doubt this is a virus or a rootkit(oh god, dont be so). So i need help with this. Can anyone help me guys? (I am not an expert in linux but,kinda of a newbie.) _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
On Wed, Jul 20, 2011 at 9:44 AM, The sherminator <steve.kim41@gmail.com> wrote:
Guys, I have ubuntu 10.10 in my pc. Recently when I connected to internet (via my phone) i saw a LOT of traffic going out and also coming to my computer(i have a third party app to monitor the traffic). It starts instantly when i connected and i didn't open any application (not even updates).
Do you have a packet sniffer installed? Try run tcpdump at the command line as root. BR S -- This message represents the official view of the voices in my head.
On Wed, Jul 20, 2011 at 12:35 PM, Steve Muchai <smuchai@gmail.com> wrote:
On Wed, Jul 20, 2011 at 9:44 AM, The sherminator <steve.kim41@gmail.com> wrote: [...]
Do you have a packet sniffer installed? Try run tcpdump at the command line as root.
...and sorry I should have been a bit clearer. The objective would be to identify the type of traffic, and destination, that would give you an idea what's going on behind the scenes. BR S -- This message represents the official view of the voices in my head.
Cool,will try that one On Wed, Jul 20, 2011 at 2:07 PM, Steve Muchai <smuchai@gmail.com> wrote:
On Wed, Jul 20, 2011 at 12:35 PM, Steve Muchai <smuchai@gmail.com> wrote:
On Wed, Jul 20, 2011 at 9:44 AM, The sherminator <steve.kim41@gmail.com> wrote: [...]
Do you have a packet sniffer installed? Try run tcpdump at the command line as root.
...and sorry I should have been a bit clearer. The objective would be to identify the type of traffic, and destination, that would give you an idea what's going on behind the scenes.
BR S
-- This message represents the official view of the voices in my head. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
You could block all TCP ports except 80 and 443. That will allow only surfing. On Wed, Jul 20, 2011 at 2:09 PM, The sherminator <steve.kim41@gmail.com>wrote:
Cool,will try that one
On Wed, Jul 20, 2011 at 2:07 PM, Steve Muchai <smuchai@gmail.com> wrote:
On Wed, Jul 20, 2011 at 12:35 PM, Steve Muchai <smuchai@gmail.com> wrote:
On Wed, Jul 20, 2011 at 9:44 AM, The sherminator <steve.kim41@gmail.com> wrote: [...]
Do you have a packet sniffer installed? Try run tcpdump at the command line as root.
...and sorry I should have been a bit clearer. The objective would be to identify the type of traffic, and destination, that would give you an idea what's going on behind the scenes.
BR S
-- This message represents the official view of the voices in my head. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
On Thu, Jul 21, 2011 at 10:31 AM, Mr. Brian kipropest <kipropbrian@gmail.com> wrote:
You could block all TCP ports except 80 and 443. That will allow only surfing.
The unwanted traffic could be on TCP ports 80 and 443, or may even be UDP. You need to identify what you're dealing with first. BR S -- This message represents the official view of the voices in my head.
have you tried turning it off and on again ? *ROFL. * Good morrow brothers and sisters of *Skunkville*.. *W.* On Thu, Jul 21, 2011 at 10:34 AM, Steve Muchai <smuchai@gmail.com> wrote:
On Thu, Jul 21, 2011 at 10:31 AM, Mr. Brian kipropest <kipropbrian@gmail.com> wrote:
You could block all TCP ports except 80 and 443. That will allow only surfing.
The unwanted traffic could be on TCP ports 80 and 443, or may even be UDP. You need to identify what you're dealing with first.
BR S
-- This message represents the official view of the voices in my head. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- “ *In brightest day, in blackest night,**No evil shall escape my sight**Let those who worship evil's might,**Beware my power... Green Lantern's light!* ” —Hal Jordan/Many Current Lanterns
participants (5)
-
Mr. Brian kipropest -
Paul Kevin -
Steve Muchai -
The sherminator -
Watchman