LinuxQuestions.org
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Old 03-28-2015, 01:05 PM   #1
Lola Kews
Member
 
Registered: May 2004
Posts: 549

Rep: Reputation: 38
Someone uploading information without permission!


I have instances of someone uploading information from my computer; this happens somewhat often.
Today I was searching for a recipe when all of a sudden my screen dimmed, the search ended and my DSL modem was working like crazy.
No way to tell (as far as I know) if it was uploading or downloading, but since I was doing nothing I'm damn sure someone is uploading information! This went on for 5 minutes, give or take!

I have the selections set to "NO" for any of this type of activity in Firefox/Edit/preferences including updating of anything.

Can anyone tell me what is going on?

Running Ubuntu 12.04. Install all updates as soon as they come in on a daily basis. This week alone the system has downloaded and installed over 170 MB of updates.

If you guys have the time I would really appreciate some help.
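
Added example (not part of the original post or thread): the modem's activity light cannot show direction, but the kernel's per-interface byte counters in /proc/net/dev can. The script below compares two snapshots and reports whether transmit or receive dominated; the function names, the 1024-byte idle threshold and the sample counters are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: decide whether an interface was mostly uploading or downloading
# by comparing two snapshots of /proc/net/dev (the kernel's per-interface counters).

# netdev_delta BEFORE AFTER IFACE -> prints "<rx_bytes> <tx_bytes>" moved between snapshots
netdev_delta() {
    printf '%s\n---\n%s\n' "$1" "$2" | awk -v ifc="$3" '
        /^---$/ { second = 1; next }
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            n = index(line, ":")
            if (n == 0) next                       # the two header lines have no colon
            if (substr(line, 1, n - 1) != ifc) next
            split(substr(line, n + 1), f)          # f[1] = rx bytes, f[9] = tx bytes
            if (second) { rx1 = f[1]; tx1 = f[9] } else { rx0 = f[1]; tx0 = f[9] }
        }
        END { printf "%d %d\n", rx1 - rx0, tx1 - tx0 }'
}

# direction RX TX -> idle | upload | download
# Assumption: under 1024 bytes each way in the interval counts as idle.
direction() {
    if [ "$1" -lt 1024 ] && [ "$2" -lt 1024 ]; then echo idle
    elif [ "$2" -gt "$1" ]; then echo upload
    else echo download
    fi
}

# Constructed samples (not real captures): the same machine five seconds apart.
HDR='Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed'
SAMPLE_BEFORE="$HDR
    lo:    5000      50    0    0    0     0          0         0     5000      50    0    0    0     0       0          0
  eth0: 9000000    8000    0    0    0     0          0         0  1200000    5000    0    0    0     0       0          0"
SAMPLE_AFTER="$HDR
    lo:    5000      50    0    0    0     0          0         0     5000      50    0    0    0     0       0          0
  eth0: 9040000    8300    0    0    0     0          0         0  7200000    9500    0    0    0     0       0          0"

set -- $(netdev_delta "$SAMPLE_BEFORE" "$SAMPLE_AFTER" eth0)
echo "eth0: rx=$1 tx=$2 -> $(direction "$1" "$2")"

# Live use: before=$(cat /proc/net/dev); sleep 5; after=$(cat /proc/net/dev)
#           netdev_delta "$before" "$after" eth0
```

To attribute the traffic to a program while it is happening, `sudo ss -tunp` lists the process that owns each open TCP and UDP socket.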
 
Old 03-28-2015, 08:53 PM   #2
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 19,326
Blog Entries: 28

Rep: Reputation: 6142
You might find some useful information in this thread about detecting and identifying intruders: http://askubuntu.com/questions/15121...n-ubuntu-12-04

Do you have a wireless router? If so, the first thing to do is change your wireless password, as well as your computer user password(s); you should also change your router password (see the manufacturer's website or the docs for your router for instructions). Your router may also maintain connection logs; it would be worth looking at them.

Since you are using Linux, it is unlikely that you have a virus in the classic sense, but it is possible that you might have been victimized by some "social engineering" or browser exploit.
 
2 members found this post helpful.
Old 03-30-2015, 01:49 PM   #3
Lola Kews
Member
 
Registered: May 2004
Posts: 549

Original Poster
Rep: Reputation: 38
Quote:
Originally Posted by frankbell
You might find some useful information in this thread about detecting and identifying intruders: http://askubuntu.com/questions/15121...n-ubuntu-12-04

Do you have a wireless router? If so, the first thing to do is change your wireless password, as well as your computer user password(s); you should also change your router password (see the manufacturer's website or the docs for your router for instructions). Your router may also maintain connection logs; it would be worth looking at them.

Since you are using Linux, it is unlikely that you have a virus in the classic sense, but it is possible that you might have been victimized by some "social engineering" or browser exploit.
Hi Frank. No router connected. Just a DSL modem connected to the wall jack with my telephone to the second wall jack.
 
Old 03-30-2015, 02:11 PM   #4
veerain
Senior Member
 
Registered: Mar 2005
Location: Earth bound to Helios
Distribution: Custom
Posts: 2,524

Rep: Reputation: 319
Okay, frankbell was talking about this DSL modem only.
 
Old 03-30-2015, 02:22 PM   #5
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,624

Rep: Reputation: 2651
Quote:
when all of a sudden my screen dimmed
that would never happen if a program WAS uploading files FROM your machine to a different one
nor if the web browser was grabbing files from someplace

Quote:
I'm damn sure someone is uploading information!
HOW ??????

a dim screen says NOTHING about " someone " uploading YOUR files to someplace




seeing as we can only make wild guesses and the only information given was a dim screen and " odd" DSL modem behavior


a temporary under-voltage in the power line

a 1 to 2 second "brown out"
a very VERY VERY common occurrence


Quote:
have the selections set to "NO" for any of this type of activity in Firefox/Edit/preferences including updating of anything.
that is not a good idea
and is in fact a VERY BAD IDEA
-- do not do that --

Firefox 36 released a SECURITY!!! update a bit back, 36.01
and on Mar 21 they released an out-of-cycle EMERGENCY security update to
36.04

so have Firefox UPDATE!!!!!

Last edited by John VV; 03-30-2015 at 02:27 PM.
 
Old 03-30-2015, 02:26 PM   #6
neilgunton
Member
 
Registered: Jan 2008
Posts: 35

Rep: Reputation: 2
Quote:
Originally Posted by Lola Kews
Hi Frank. No router connected. Just a DSL modem connected to the wall jack with my telephone to the second wall jack
It's always better to put a router between your computer and the modem. Then nobody can connect directly to your computer from the internet. Your computer is given a local, non-routable IP address by the router, and it acts as a shield. This is assuming, of course, that your DSL modem is not actually a router as well - sometimes they are all-in-one boxes. You should be able to tell by checking your computer's IP address - if it starts with something like 192.168.x.x or 10.x.x.x then your modem is probably also a router, because those address ranges are non-routable. You can get your IP address by typing ifconfig at the console, usually. This presents a lot of info, but look for the bit that says something like "inet addr".

There are tools to check for rootkits, but I don't know offhand how up-to-date or effective they are (especially if you already have an infection). But it's worth a try: Look for chkrootkit and/or rkhunter. Both should be available for free via apt-get or whatever you use.

I always install tripwire on my machines, and configure it so that it can pick up when important files have been changed without my knowledge. It's too late for your current situation, though; tripwire is something you set up very soon after you have set up the computer (and preferably before exposing it bare to the internet).

Honestly, 99.9% of malware issues can be avoided by following these rules:

1. Never click on links in emails, unless you know for a fact where it came from. Hover your mouse over the link to make sure it's going where it says it's going.
2. Install AdBlock Plus (for Mozilla-based browsers)
3. Always try to have your computer behind a router, this is your first line of defense
4. Learn about making firewall rules for your computer, e.g. iptables
5. Turn off or disable all services that you don't use

If you're already infected then the best course is probably to get a router, then backup all the personal files on your computer (i.e. the ones that you generated or saved, that wouldn't be replaced by a re-install), then do a complete system wipe and re-install from scratch. Re-partition and format the hard drive too, just in case there's some nasty in the boot sector. Then you reinstall from behind your router, with confidence that nobody can connect to your computer from the outside during the install and post-install period. Then lock things down, install tripwire so you have a good snapshot of how things should be, and you should be good to go.

Hope that helps,

Neil
 
1 members found this post helpful.
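
Added example (not part of the original post): the address check described above, written as a small shell classifier. It goes beyond the two ranges named in the post to cover all RFC 1918 private blocks plus carrier-grade NAT space, and it reads `ip -o -4 addr show` output instead of ifconfig; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify each IPv4 address on this machine to see whether it sits
# behind NAT (private address) or directly on the internet (public address).

# classify_ipv4 ADDR -> private | cgnat | loopback | link-local | public | invalid
classify_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { print "invalid"; exit }
        {
            for (i = 1; i <= 4; i++)
                if ($i !~ /^[0-9]+$/ || $i + 0 > 255) { print "invalid"; exit }
            if ($1 == 10)                                print "private"     # 10.0.0.0/8
            else if ($1 == 172 && $2 >= 16 && $2 <= 31)  print "private"     # 172.16.0.0/12
            else if ($1 == 192 && $2 == 168)             print "private"     # 192.168.0.0/16
            else if ($1 == 100 && $2 >= 64 && $2 <= 127) print "cgnat"       # 100.64.0.0/10
            else if ($1 == 127)                          print "loopback"    # 127.0.0.0/8
            else if ($1 == 169 && $2 == 254)             print "link-local"  # 169.254.0.0/16
            else                                         print "public"
        }'
}

# report_addrs: reads "ip -o -4 addr show" output on stdin and
# prints "<interface> <address> <class>" for each address.
report_addrs() {
    while read -r _idx ifc fam cidr _rest; do
        [ "$fam" = inet ] || continue
        addr=${cidr%%/*}                      # strip the /prefix length
        echo "$ifc $addr $(classify_ipv4 "$addr")"
    done
}

# Constructed sample of "ip -o -4 addr show" output (not from the poster's machine).
SAMPLE_IP_OUTPUT='1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
2: eth0    inet 192.168.1.64/24 brd 192.168.1.255 scope global eth0\       valid_lft forever preferred_lft forever'

printf '%s\n' "$SAMPLE_IP_OUTPUT" | report_addrs

# Live use: ip -o -4 addr show | report_addrs
```

A "private" or "cgnat" result means some device upstream is translating addresses; a "public" result means the computer itself is reachable from the internet and depends on its own firewall.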
Old 03-31-2015, 12:28 AM   #7
trevoratxtal
Member
 
Registered: Dec 2012
Location: South Devon, UK
Distribution: PCLinuxOS, Suse, Mint, Puppy.
Posts: 79

Rep: Reputation: 20
If it happens again
Ctrl Esc should tell you what process is active.
 
1 members found this post helpful.
Old 03-31-2015, 01:39 AM   #8
ardvark71
LQ Veteran
 
Registered: Feb 2015
Location: USA
Distribution: Lubuntu 14.04, 22.04, Windows 8.1 and 10
Posts: 6,282
Blog Entries: 4

Rep: Reputation: 842
+1 Neil's advice.

Regards...
 
Old 03-31-2015, 12:42 PM   #9
orasis
Member
 
Registered: Mar 2008
Distribution: Slackware, Free-BSD
Posts: 53

Rep: Reputation: 34
Be safe, but personally I think you're just being paranoid. I also have no idea why you think Firefox options secure your network connection... they don't. Screen dimming in Ubuntu just means the system is too busy to do anything else and is usually swapping like hell, or your machine is too weak to run it full speed.
 
Old 03-31-2015, 02:14 PM   #10
albinard
Member
 
Registered: Jan 2011
Location: New Mexico
Distribution: Xubuntu Core
Posts: 185

Rep: Reputation: 59
Since you're running Ubuntu 12.04, you might check the firewall, which is usually installed as a default:
Code:
sudo ufw status
If the reply is "disabled", run
Code:
sudo ufw enable
That won't let anything in you didn't ask for.
But for what it's worth, a 32-bit installation of 12.04 has been giving me some grief lately by graying out when I try to update stuff. My solution has been to go to Synaptic, hit Reload, then click Mark all updates, then hit Apply: it does the update job through a different path.
 
Old 04-01-2015, 11:05 AM   #11
Lola Kews
Member
 
Registered: May 2004
Posts: 549

Original Poster
Rep: Reputation: 38
My thanks to Neil. What I thought was just a modem must be a combination Router/modem. IP address starts with 192.168........

It happened again; this time I caught this: waxcdn.com and code.jquery.com. I went to the web sites; they are some sort of new technology that downloads information (Not upload) faster that companies are evidently starting to use in delivering information to the computer. So, evidently I don't have a problem.

albinard, I made a mistake when I said I was running Ubuntu 12.04, it's 14.04, sorry.

Why it dimmed my screen I do not know! My system has more than enough power/ram/disk space.

Maybe I was paranoid, but I would rather be that than sorry!
 
  

