LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 04-13-2015, 10:57 AM   #1
pix9
Member
 
Registered: Jan 2010
Location: Mumbai, India
Distribution: ArchLinux, Fedora 24, Centos 7.0
Posts: 177

Rep: Reputation: 19
suspicious downloads on startup from un-reasonable ip


Hi friends,
just today when I logged in I found un-usual amount of bandwidth being utilized soon after I logged in my pc, aftter running ss command I found some established connections on 116.193.170.18 ip after looking up I found it was an Bangladesh's ip. which I found quite suspecious why should my system download some content from an ip which belongs to Bangladesh I immediately droped traffic from that ip, I don't stay in Bangladesh never remembered of opening any sites belonging to that country, now wondering what should I do next to find out that damage has been done to my system?

please also suggest me what all data should I try to collect for investigation next time I see such activity on my system.

I am using fedora 20(x86_64)

regards
Pushkar
 
Old 04-13-2015, 06:12 PM   #2
Keith Hedger
Senior Member
 
Registered: Jun 2010
Location: Wiltshire, UK
Distribution: Linux From Scratch, Slackware64, Partedmagic
Posts: 2,651

Rep: Reputation: 660Reputation: 660Reputation: 660Reputation: 660Reputation: 660Reputation: 660
It appears to be a mirroring site and may wel be quite harmless, was your package manager doing a routine unsupervised update ate time ?
 
Old 04-14-2015, 11:15 AM   #3
pix9
Member
 
Registered: Jan 2010
Location: Mumbai, India
Distribution: ArchLinux, Fedora 24, Centos 7.0
Posts: 177

Original Poster
Rep: Reputation: 19
@Keith Hedger I tried looking for process associated with yum but I didn't found any in output of ps.

regards
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Is this partitioning scheme reasonable Nick_C Linux - Newbie 6 03-15-2012 05:09 AM
netinst downloads and apt-get downloads stalling then restarting Frustin Debian 2 03-08-2012 02:36 AM
XP Downloads Fast ... Ubuntu Downloads Slow :( Dinerty Ubuntu 2 07-23-2006 02:31 PM
Tell me if this sounds reasonable randyriver10 General 5 09-20-2004 10:30 PM
Downloads/Graphical Startup GUI icarusnetworks Fedora 3 04-16-2004 07:08 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:27 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration