LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 01-16-2006, 10:47 AM   #1
cmarti2
LQ Newbie
 
Registered: Nov 2005
Posts: 2

Rep: Reputation: 0
Hard drive activity when online, is someone monitoring


Can anyone tell me why this happens? When I am on-line I see my dsl modem activity light flash a few times and then my hard drive starts reading and writing. It does this only when I am on-line, I turn off my router and the activity stops. netstat indicates no listening ports. I am using Suse 10.0 behind a router to a dsl connection. Running the standard Suse firewall with default setting. I believe I have all services turned off that I don't need. No servers needed or running. I just use my box for e-mail and web surfing.

How do I check out whats going on?
Am I too paranoid?

Thanks for your help and ideas.
 
Old 01-16-2006, 10:52 AM   #2
flibby
LQ Newbie
 
Registered: Jan 2006
Posts: 4

Rep: Reputation: 0
You could try to sniff the traffic with Ethereal while you are online.

Then you should see where the packets come from / where they go.

I guess it is only doing broadcasts, discovery messages, etc.
But the hdd activity confuses me
 
Old 01-16-2006, 10:54 AM   #3
nx5000
Senior Member
 
Registered: Sep 2005
Location: Out
Posts: 3,307

Rep: Reputation: 57
Do you have a fixed IP?
Maybe you are getting old packets of P2P users.
Then your firewall logs the packets which could explain the disk usage.
It could be a process trying to update something.

What you could do in this case is install Ethereal.
Launch Ethereal, launch your connection, don't do anything, don't breathe and stop it after you have something.
Right click on one packet and choose "follow tcp stream" , you should see the text being sent/received.
 
Old 01-16-2006, 03:06 PM   #4
Darin
Senior Member
 
Registered: Jan 2003
Location: Portland, OR USA
Distribution: Slackware, SLAX, Gentoo, RH/Fedora
Posts: 1,024

Rep: Reputation: 45
Have you tried just running top, or ktop or whatever gnome's version of it is and seeing what processes are using the CPU?
 
Old 01-16-2006, 03:52 PM   #5
Krugger
Member
 
Registered: Oct 2004
Posts: 229

Rep: Reputation: 30
Use ps aux to see all processes.
Use lsof to see all open files in your system. Usually a lot of libs will appear.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Monitor all activity to hard drive esckey2004 Linux - Security 2 01-07-2006 12:56 PM
Suspicious hard drive activity machinemanagement Red Hat 4 08-25-2005 03:28 PM
weird hard drive activity Furlinastis Slackware 4 01-25-2005 07:30 AM
Odd hard drive activity and lock-ups on laptop using SuSE 9.1 personal tisource Linux - Hardware 0 12-05-2004 06:36 PM
Hard drive activity monitoring bkeating Linux - General 1 05-24-2002 04:40 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:52 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration