Re: Strange network activity after updates

To: debian-user@lists.debian.org
Subject: Re: Strange network activity after updates
From: Frank McCormick <debianlist@videotron.ca>
Date: Fri, 03 Aug 2012 15:06:57 -0400
Message-id: <[🔎] 501C2151.20005@videotron.ca>
In-reply-to: <[🔎] 1344016574.51012.YahooMailNeo@web126102.mail.ne1.yahoo.com>
References: <[🔎] 1344016574.51012.YahooMailNeo@web126102.mail.ne1.yahoo.com>

Sorry first reply went to his email address -


On 03/08/12 01:56 PM, Paul Zimmerman wrote:

Today I downloaded a large group of updates, including Open Office and some dns-related utilities. Once they were applied,

> some strange network activity started on my machine. It keeps sending> and receiving about 10-14k per second but I cannot find any programs> that would be

> doing anything on the network. Trying to figure out what is going on,

I installed iftop and it says there is a constant connection to239.255.255.250 and various transient connections to sites likevc-in-f106-1e100.net --

which turns out to be owned by Google --
and other sites like something called activeminds.net.


Activeminds.net is actually activeminds.de....an ISP in Germany

I know the constant connection is a multicast address, but what is thisother stuff?It looks like something is broken/misconfigured or an outright hack ofthe Debian repository has occurred and many Debian systems are now partof a botnet.


Certainly hope not



My Debian box is staying offline until I find out what is going on.



--
Cheers
Frank

Reply to:

Follow-Ups:
- Re: Strange network activity after updates
  - From: Darren Baginski <kickbsd@yandex.ru>

References:
- Strange network activity after updates
  - From: Paul Zimmerman <aiwanar@yahoo.com>

Prev by Date: Re: Debian segítség / Debian support
Next by Date: Re: Strange network activity after updates
Previous by thread: Strange network activity after updates
Next by thread: Re: Strange network activity after updates
Index(es):
- Date
- Thread