Carey
On 09/23/2025 1:21 PM CDT Don Tai <> wrote:162.159.134.234 cloudflare
23.220.246.152 akamai3.233.158.26 AZN184.25.113.134 Akamai151.101.3.52 skyca, FastlyYou could download nmap and scan your ports. It will tell you if you have ports open. When I used to try to hack linux boxes (my own), Linux was really secure. Nothing should be open, unlike Win machines.
On Tue, 23 Sept 2025 at 13:56, CAREY SCHUG via Talk <talk@lists.gtalug.org> wrote:FIrst, it looks like the probem is my linux desktop. traffic going all over the place when i am doing essentially nothing.
and I have confirmed the ip addresses of my windows computers in the log i created on my desktop. explain how that can be unless wireshark has put my port into promiscuous mode.
I am getting MANY ip addresses that are not mine, talking to my desktop ip address.
just going throught he first part and eyeballing for different ip addresses (I am sure I missed some), maybe 2% of the whole file, I found the following:
cat wireshark|grep 162.159.134.234|wc -l
cat wireshark|grep 23.220.246.152|wc -l
cat wireshark|grep 3.233.158.26|wc -l
cat wireshark|grep 184.25.113.134|wc -l
cat wireshark|grep 3.233.158.25|wc -l
cat wireshark|grep 151.101.3.52|wc -l
cat wireshark|grep 207.65.32.79|wc -l
cat wireshark|grep 3.233.158.25|wc -l
cat wireshark|grep 18.206.77.82|wc -l
cat wireshark|grep 98.87.185.133|wc -l
cat wireshark|grep 18.160.225.46|wc -l
75
852
2589
63
2813
531
408
2813
13
14
152
if wireshark or some other existing tool cannot go through my listing and extract all the ip addresses, i will work on that, or do other research to find what malware could have infected my computer.
question: could it be accidental or malicious p2p filesharing was started on my computer? how would I look for the task running it and kill it and prevent it from restarting?
Carey