Re: Konqueror - security hole or bug?
On Wed, Jun 15, 2016 at 09:32:18AM +0200, Hans wrote:
> Dear community,
>
> I found a strange behaviour with konqueror (does anyone use it?) and I believe
> it is either a bug or a security problem.
>
> the problem is the following:
>
> I discovered, that my network card is doing a lot of traffic, although I did
> nothing with my computer (heavy blinking of my traffic led). Using etherape and
> wireshark, I could prove, that there is really a lot of traffic from my computer
> into the internet. However, I could not see, what content it was.
>
> At last I found out, that a process called "konqueror" (which is of course the
> browser) caused this heavy traffic. BUT konqueror was already safely ended by
> me!
I don't run KDE... Perhaps it is staying around for quick launch later?
> Further testings prove, that this behaviour appears from time to time. It also
> appears, that this behaviour only happens on certain websites. These are
> www.heise.de and youtube.com, but maybe others not.
By looking at the DNS requests, you should be able to gather clues about that...
I'd recommend using tcpdump to gather traffic into a file, which you
can then later examine with e.g. wireshark.
> As I do not know, if it is just broadcast traffic or real content, we should
> have an eye on it. Maybe somebody else can confirm this or saw this in the
> past.
By looking at the IP addresses, you should be able to see whether it
is broadcast, multicast or point-to-point traffic...
Hope this helps
--
Karl
Reply to: