Quote:
Originally Posted by james_larson
could my laptop be compromised?
|
Well, it could. But, then, so could Fort Knox. I don't really have information on either at the moment, although maybe I could use this internet thingy to tell me about Fort Knox.
Quote:
Originally Posted by james_larson
i was just doing my regular stuff on my laptop. then i noticed my fan was a little louder then usual.
|
This isn't really evidence of anything, apart from that the cpu temp is a bit high, caused by the cpu working hard 9not going to power save) or the environment being warm.
Quote:
so i opened up a terminal and used to top. i noticed there was this thing was using a lot of cpu but i didnt read it fast enough cause it went away but i noticed it was update-somthing-apx.
|
This choice worked out badly for you (not really your fault; you weren't to know that whatever could disappear sudenly). "ps -ef" would have captured a real snapshot, which probably would have scrolled off the screen...you may or may not have been able to scroll back, depending on what you were working in and how it was set up; if you expect this to happen again, you may want to be prepared with a little script like:
Code:
ps -ef > processes.tmp
set as executable, and in somewhere in your path - most people have a personal 'bin' directory fopr such things...or, if you are used to the top output, you could try
Quote:
And i also noticed rkhunter was running as root. i wasnt running the command. could my laptop be compromised?
|
From what I remember, rkhunter has to run as root (I can't confirm that immediately, due to an upgrade) and may well be run daily/weekly/some-other-periodically by your distro. This is not, by itself, a sign of a problem. In fact, its quite good.
But what did rkhunter actually say? That's the thing that would really have given a clue as to whether there is bad stuff going on (once 'false positives' have been eliminated from rkhunter.log).