ok, nmap sounds like it does everything but eat. (we had a mainframe utility called debe for that) any intro web pages for a novice? in my less than 30 minutes of scanning, i had over 32000 packets in/out of my desktop. to a large variety of ip addresses when I am not doing anything but email something is running without my permission how do I determine what it is? like list activity by port number as a starting point? Carey
On 09/23/2025 1:21 PM CDT Don Tai <> wrote:
162.159.134.234 cloudflare 23.220.246.152 akamai 3.233.158.26 AZN 184.25.113.134 Akamai 151.101.3.52 skyca, Fastly
You could download nmap and scan your ports. It will tell you if you have ports open. When I used to try to hack linux boxes (my own), Linux was really secure. Nothing should be open, unlike Win machines.
On Tue, 23 Sept 2025 at 13:56, CAREY SCHUG via Talk <talk@lists.gtalug.org mailto:talk@lists.gtalug.org> wrote:
FIrst, it looks like the probem is my linux desktop. traffic going all over the place when i am doing essentially nothing.
and I have confirmed the ip addresses of my windows computers in the log i created on my desktop. explain how that can be unless wireshark has put my port into promiscuous mode.
I am getting MANY ip addresses that are not mine, talking to my desktop ip address.
just going throught he first part and eyeballing for different ip addresses (I am sure I missed some), maybe 2% of the whole file, I found the following:
cat wireshark|grep 162.159.134.234|wc -l cat wireshark|grep 23.220.246.152|wc -l cat wireshark|grep 3.233.158.26|wc -l cat wireshark|grep 184.25.113.134|wc -l cat wireshark|grep 3.233.158.25|wc -l cat wireshark|grep 151.101.3.52|wc -l cat wireshark|grep 207.65.32.79|wc -l cat wireshark|grep 3.233.158.25|wc -l cat wireshark|grep 18.206.77.82|wc -l cat wireshark|grep 98.87.185.133|wc -l cat wireshark|grep 18.160.225.46|wc -l 75 852 2589 63 2813 531 408 2813 13 14 152
if wireshark or some other existing tool cannot go through my listing and extract all the ip addresses, i will work on that, or do other research to find what malware could have infected my computer.
question: could it be accidental or malicious p2p filesharing was started on my computer? how would I look for the task running it and kill it and prevent it from restarting?
Carey