ok, for the person who has been out of the biz for 25 years, during which things have changed (and that was solaris, with some differences, and a good corporate firewall) can soomebody point me to how to get rid of that stuff?? Carey
On 09/23/2025 1:21 PM CDT Don Tai <dontai.canada@gmail.com> wrote:
162.159.134.234 cloudflare 23.220.246.152 akamai 3.233.158.26 AZN 184.25.113.134 Akamai 151.101.3.52 skyca, Fastly
You could download nmap and scan your ports. It will tell you if you have ports open. When I used to try to hack linux boxes (my own), Linux was really secure. Nothing should be open, unlike Win machines.
On Tue, 23 Sept 2025 at 13:56, CAREY SCHUG via Talk <talk@lists.gtalug.org mailto:talk@lists.gtalug.org> wrote:
FIrst, it looks like the probem is my linux desktop. traffic going all over the place when i am doing essentially nothing.
and I have confirmed the ip addresses of my windows computers in the log i created on my desktop. explain how that can be unless wireshark has put my port into promiscuous mode.
I am getting MANY ip addresses that are not mine, talking to my desktop ip address.
just going throught he first part and eyeballing for different ip addresses (I am sure I missed some), maybe 2% of the whole file, I found the following:
cat wireshark|grep 162.159.134.234|wc -l cat wireshark|grep 23.220.246.152|wc -l cat wireshark|grep 3.233.158.26|wc -l cat wireshark|grep 184.25.113.134|wc -l cat wireshark|grep 3.233.158.25|wc -l cat wireshark|grep 151.101.3.52|wc -l cat wireshark|grep 207.65.32.79|wc -l cat wireshark|grep 3.233.158.25|wc -l cat wireshark|grep 18.206.77.82|wc -l cat wireshark|grep 98.87.185.133|wc -l cat wireshark|grep 18.160.225.46|wc -l 75 852 2589 63 2813 531 408 2813 13 14 152
if wireshark or some other existing tool cannot go through my listing and extract all the ip addresses, i will work on that, or do other research to find what malware could have infected my computer.
question: could it be accidental or malicious p2p filesharing was started on my computer? how would I look for the task running it and kill it and prevent it from restarting?
Carey
On 09/23/2025 12:17 PM CDT James Knott <james.knott@jknott.net mailto:james.knott@jknott.net> wrote:
On 9/23/25 13:09, CAREY SCHUG wrote:
comcast<-->monoprice 8 port gigabit switch<-->monoprice 8 prt gb switch
I have no idea about what that switch can do. Since you don't want to use one of your Cisco switches, then buy a cheap managed switch and follow my instructions. You should be able to find one for around $20 - $30.
Description: GTALUG Talk Unsubscribe via Talk-unsubscribe@lists.gtalug.org mailto:Talk-unsubscribe@lists.gtalug.org Start a new thread: talk@lists.gtalug.org mailto:talk@lists.gtalug.org This message archived at https://lists.gtalug.org/archives/list/talk@lists.gtalug.org/message/EAIQZXP...