So maybe there is something to this with version 20?[Solved]

Questions about other topics - please check if your question fits better in another category before posting here
Forum rules
Before you post please read how to get help
User avatar
wutsinterweb
Level 5
Level 5
Posts: 892
Joined: Tue Feb 28, 2017 2:14 am
Location: Connecticut, USA

So maybe there is something to this with version 20?[Solved]

Post by wutsinterweb »

So I've made several posts about both my computers having a lot of problems with the new Version 20 OS with Cinnamon. On suggestion from a family member, I've started watching CPU temps. Both computers are running quite a bit hotter than they did with the previous version. There is definitely something going on. Could I have been hacked? I'm running in excess of 60 degrees at times with my browser and viber only running, with about 6 browser tabs. Right now only this tab is open and I'm at 46 degrees (with is with a very good cooler). On my laptop it does appear that my system locks up when getting hot. I'm not even overclocked or running any apps.

Something is up. Could the copy i downloaded have been hacked before I installed it?
Last edited by wutsinterweb on Sat Oct 10, 2020 10:53 pm, edited 1 time in total.
I'm just a student, your guidance is appreciated.
Welcome
Level 5
Level 5
Posts: 585
Joined: Wed Aug 19, 2020 11:38 am

Re: So maybe there is something to this with version 20?

Post by Welcome »

Did you verify your ISO?
User avatar
wutsinterweb
Level 5
Level 5
Posts: 892
Joined: Tue Feb 28, 2017 2:14 am
Location: Connecticut, USA

Re: So maybe there is something to this with version 20?

Post by wutsinterweb »

I admit that I did not.
I'm just a student, your guidance is appreciated.
User avatar
wutsinterweb
Level 5
Level 5
Posts: 892
Joined: Tue Feb 28, 2017 2:14 am
Location: Connecticut, USA

Re: So maybe there is something to this with version 20?

Post by wutsinterweb »

How can I check the thumb drive now?
I'm just a student, your guidance is appreciated.
Welcome
Level 5
Level 5
Posts: 585
Joined: Wed Aug 19, 2020 11:38 am

Re: So maybe there is something to this with version 20?

Post by Welcome »

The verification steps are only made to verify the ISO, so if you don't still have a copy of the ISO, then you have two choices:

1. Re-download the ISO and verify it. Use it to create a new install USB, and then install it.
--or--
2. Ignore the possibility that the ISO was bad in some way or another. Try to see if there's anything unusual happening with your system.
User avatar
wutsinterweb
Level 5
Level 5
Posts: 892
Joined: Tue Feb 28, 2017 2:14 am
Location: Connecticut, USA

Re: So maybe there is something to this with version 20?

Post by wutsinterweb »

Ok, I found that the ISO I had downloaded was still on a storage drive, the one I'm pretty sure I used. I checked it, and it has integrity. So I guess it wasn't hacked.
I'm just a student, your guidance is appreciated.
User avatar
wutsinterweb
Level 5
Level 5
Posts: 892
Joined: Tue Feb 28, 2017 2:14 am
Location: Connecticut, USA

Re: So maybe there is something to this with version 20?

Post by wutsinterweb »

How much network activity should there be with the browsers and all windows closed? I imagine some since the OS checks for updates?
I'm just a student, your guidance is appreciated.
User avatar
wutsinterweb
Level 5
Level 5
Posts: 892
Joined: Tue Feb 28, 2017 2:14 am
Location: Connecticut, USA

Re: So maybe there is something to this with version 20?

Post by wutsinterweb »

Also, there is a reason I am paranoid. One of my cards got hacked and there are two other possibilities, that the card was skimmed or that the provider was hacked. I think the card had been skimmed.
I'm just a student, your guidance is appreciated.
Welcome
Level 5
Level 5
Posts: 585
Joined: Wed Aug 19, 2020 11:38 am

Re: So maybe there is something to this with version 20?

Post by Welcome »

I have very little network activity.

But, are you using a VPN?

Some items can be turned off to reduce any activity:
Would you be willing to change Update Manager to check less often for updates?
Do you use flatpaks? The startup of flatpak can be disabled in "Startup Applications"
Under "Privacy" you can turn off "Check connectivity"

Finally, are you a computer science or engineering major? I ask because I wonder if you'd be able to monitor network traffic with either Wireshark or tcpdump. This might be too complicated unless you've got some background. Please let me know how you feel about this.

If you feel confident, and your current network is something like 192.168.xxx.xxx, you could try this:

Code: Select all

sudo tcpdump -v 'ip and not broadcast and not multicast and not net 224.0.0.0 mask 255.255.255.0 and not net 239.255.255.0 mask 255.255.255.0 and ((src net 192.168.0.0 mask 255.255.0.0 and not dst net 192.168.0.0 mask 255.255.0.0) or (not src net 192.168.0.0 mask 255.255.0.0 and dst net 192.168.0.0 mask 255.255.0.0))'
User avatar
wutsinterweb
Level 5
Level 5
Posts: 892
Joined: Tue Feb 28, 2017 2:14 am
Location: Connecticut, USA

Re: So maybe there is something to this with version 20?

Post by wutsinterweb »

Did all that but the Comp Sci thing. Nope, I gave up on college after having funding problems. I started taking classes a few years ago, but I'm 62 now and have poor health and no money, so school isn't possible. If it's way above my head, I guess I couldn't do it, but I could certainly true.
I'm just a student, your guidance is appreciated.
User avatar
wutsinterweb
Level 5
Level 5
Posts: 892
Joined: Tue Feb 28, 2017 2:14 am
Location: Connecticut, USA

Re: So maybe there is something to this with version 20?

Post by wutsinterweb »

My ISP supplies a gateway that uses a different network scheme, and not that one, it starts with 10.x.x.x
I'm just a student, your guidance is appreciated.
Welcome
Level 5
Level 5
Posts: 585
Joined: Wed Aug 19, 2020 11:38 am

Re: So maybe there is something to this with version 20?

Post by Welcome »

If you're not using a VPN connection, we could try something. You could take that tcpdump command and run it in a terminal. But, before you start it, exit your browser and any other programs that might access the internet. Let it run for 10 minutes or so. It'll capture anything trying to access the internet from your computer. If you post the results here, I'll be glad to review the output and tell you what's going on.

If the output is small, just post it here and enclose it with [code] ... [/code]. You can easily do this by highlighting all of the output and then clicking on the </> button above the edit window. If it's really long, you'll need to place the file on a server and then post a link to it.

EDIT: WAIT ... I'll post an updated version in a minute!
Welcome
Level 5
Level 5
Posts: 585
Joined: Wed Aug 19, 2020 11:38 am

Re: So maybe there is something to this with version 20?

Post by Welcome »

Use this version:

Code: Select all

sudo tcpdump -v 'ip and not broadcast and not multicast and not net 224.0.0.0 mask 255.255.255.0 and not net 239.255.255.0 mask 255.255.255.0 and ((src net 10.0.0.0 mask 255.0.0.0 and not dst net 10.0.0.0 mask 255.0.0.0) or (not src net 10.0.0.0 mask 255.0.0.0 and dst net 10.0.0.0 mask 255.0.0.0))'
To stop tcpdump, select the terminal and press Ctrl-c.

Remember, before starting tcpdump, exit your browser and any other programs that may be accessing the internet. This will tell us if you have something in the background accessing the internet.
User avatar
wutsinterweb
Level 5
Level 5
Posts: 892
Joined: Tue Feb 28, 2017 2:14 am
Location: Connecticut, USA

Re: So maybe there is something to this with version 20?

Post by wutsinterweb »

Ran it and there were a number of comcast with the same ip with different ports (checking on my laptop). comcast is my provider.
I'm just a student, your guidance is appreciated.
Welcome
Level 5
Level 5
Posts: 585
Joined: Wed Aug 19, 2020 11:38 am

Re: So maybe there is something to this with version 20?

Post by Welcome »

That's good. You're temps are really normal, too, by the way.

You can monitor your system activity with System Monitor. Click on the Resources tab to watch what's going on. If something seems to be using a lot of CPU power, you can switch over to the Processess tab, and click on the % CPU column to see what's keeping the CPU busy.

If you want an application to monitor your temps, I'd recommend psensor. After installation, start it up. The window isn't set right at first ... you'll need to drag the window open wider and you'll want to select some sensors to be graphed. I recommend selecting your CPU and GPU temp sensors at a minimum.

I've had my credit card numbers used by some unknown people. One number that was stolen was only used on eBay. Another number that was stolen seemed to happen after I had some missing mail. And a third was stolen after I had used it at a shop that insisted on making a photo copy of my credit card. That was the only time I used that card. It happens.
User avatar
wutsinterweb
Level 5
Level 5
Posts: 892
Joined: Tue Feb 28, 2017 2:14 am
Location: Connecticut, USA

Re: So maybe there is something to this with version 20?

Post by wutsinterweb »

there is also googleuser listed in the readout. How do i tell if my ports are being scanned
I'm just a student, your guidance is appreciated.
User avatar
antikythera
Level 9
Level 9
Posts: 2661
Joined: Thu Jul 02, 2020 12:52 pm

Re: So maybe there is something to this with version 20?

Post by antikythera »

gibson research shieldsup all service ports scan will tell you if the system can be seen from the internet or not. I doubt you are being port scanned. The kernel and power management in Mint 20 from Ubuntu 20.04 will interact differently with your hardware than in previous builds of Linux Mint based on either 18.04 or earlier if you skipped Mint 19. That alone can lead to compromised power management and higher temperatures.

https://www.grc.com/x/ne.dll?bh0bkyd2
Don't take life so seriously, nobody gets out alive anyway!
AMSTRAD CPC6128 - 128KB RAM, 3" Hitachi Floppy Diskette Drive, External Sony Cassette Recorder, Locomotive BASIC 1.1, CTM-644 Monitor
Welcome
Level 5
Level 5
Posts: 585
Joined: Wed Aug 19, 2020 11:38 am

Re: So maybe there is something to this with version 20?

Post by Welcome »

Some probing will be the result of a program or app that you've recently run. A server somewhere that you've recently connected to may be trying to reconnect to you. Do you have a Google account or do you use gmail? Or, it could be as a result of Viber.

You'll want to watch for connections that appear totally out of place. Sometimes you'll need to check an IP address to see where it's going to. In the process, you'll learn a lot about CDNs. To check an IP address, you'll want to use one of the "whois ip address check" type sites on the internet.

It might be better to run the tcpdump command early in the morning before you go online (assuming your system has been turned off over night).
User avatar
wutsinterweb
Level 5
Level 5
Posts: 892
Joined: Tue Feb 28, 2017 2:14 am
Location: Connecticut, USA

Re: So maybe there is something to this with version 20?

Post by wutsinterweb »

Ah, well that tells me a lot of what I was wondering and thinking.

I will tear down both systems in the coming days and do a major dusting just to make sure. Right now the tower is showing 42 degrees up to 45, with my AC running and it cool in here. I was running cooler before, but turning off those things, especially flatpack, am I right to wonder if that helped?

I'll be sure to run Gibson's service later on, I recall that now, it's been so long since.

By the way, I WAS a student, not officially now, but I'm still actively learning but my focus for the last year has been on musical things. I've started to feel that there is no way that, at 62 years, I can ever get work in a science trade again. My days of being smart are over, there was a time though... I also might be losing sight in one eye, in the process of it being checked.

I ask dumb questions because I'm a very open and direct person, not a total idiot, but I do do dumb things at times, like assuming I had user agent switcher turned off for instance. And being too anxious when I downloaded and installed the OS to check and verify like I should have. I'm an idiot!
I'm just a student, your guidance is appreciated.
Welcome
Level 5
Level 5
Posts: 585
Joined: Wed Aug 19, 2020 11:38 am

Re: So maybe there is something to this with version 20?

Post by Welcome »

By the way, did you enable your firewall? If not, run Firewall and click on the "Status" switch to enable it.

To make sure there's no interruption from your firewall to your normal system usage, click on the "Report" tab in Firewall and enable the rules shown one-by-one by selecting a rule and then clicking on "+" at the bottom of the window. You might see "avahi-daemon", "NetworkManager" and "cups-browsed" for both UDP and UDP6.
Post Reply

Return to “Other topics”