[ubuntu] Suspicious Activity - could it be malware at work



mistypotato
February 14th, 2009, 02:59 PM
When I connect my modem to my computer, it begins a lot of internet activity... meaning the traffic light on the router shows very heavy traffic.

If I have no browsers open, there is no indication of updates in progress and essentially the computer is at idle with no user programs or browsers running, what does this indicate?

Coming from windows, my concern is that malware is at work.

gandaran
February 14th, 2009, 04:27 PM
When I connect my modem to my computer, it begins a lot of internet activity... meaning the traffic light on the router shows very heavy traffic.

If I have no browsers open, there is no indication of updates in progress and essentially the computer is at idle with no user programs or browsers running, what does this indicate?

Coming from windows, my concern is that malware is at work.
It also happens to me, not always but sometimes. I think maybe I was under attack, not due to any malware. What I do is switch off the router and start again; my IP is renewed every time the router is started and that just fixes the problem!

donato roque
February 14th, 2009, 04:34 PM
Hi
Are you using Ubuntu?
Do you have a dual boot?
Are you logged in to Ubuntu when it happens?
You can monitor your system activity by opening System>Administrative>System Monitor. If you have processes listed there that don't make sense, can you copy what's on the screen and post it?
Malware and virus infection in Linux is extremely rare. In fact, if your machine is infected by a virus, I think we should put it on eBay; you'll make money out of it. :)

thank you

Donato Roque

cerealtx
February 14th, 2009, 04:34 PM
When I connect my modem to my computer, it begins a lot of internet activity... meaning the traffic light on the router shows very heavy traffic.

If I have no browsers open, there is no indication of updates in progress and essentially the computer is at idle with no user programs or browsers running, what does this indicate?

Coming from windows, my concern is that malware is at work.

Open a terminal and do

netstat

This will give you a list of active connections.

ByteJuggler
February 14th, 2009, 04:45 PM
You can also install "conky", then save the following text quoted below as "~/.conkyrc", press Alt-F2 and type "conky". The .conkyrc is set up to include/list network connections, so you can instantly see where your box is connecting to etc. I find this neat as it provides an unobtrusive way to keep tabs on what's running on the box, using the CPU, using memory, and using the network, by basically displaying this info as part of your desktop. (You may want to change the font specified if you don't have "Liberation Sans".)


# Conky configuration in the old (pre-1.10) syntax: settings above TEXT, display layout below it.
background yes
use_xft yes
xftfont Liberation Sans:size=9
xftalpha 0.1
update_interval 2.0
total_run_times 0
own_window yes
own_window_type normal
own_window_transparent yes
own_window_hints undecorated,below,sticky,skip_taskbar,skip_pager
double_buffer yes
minimum_size 200 5
maximum_width 300
draw_shades no
draw_outline no
draw_borders no
draw_graph_borders no
default_color white
default_shade_color black
default_outline_color black
alignment top_right
gap_x 18
gap_y 48
no_buffers yes
uppercase no
cpu_avg_samples 2
net_avg_samples 1
override_utf8_locale no
use_spacer right

TEXT
$sysname $kernel $alignr $machine
CPU clockspeed $alignr${freq_g cpu0}GHz
$alignr
${cpugraph cpu0 16,200 ffffff ffffff}
Core 1 ${cpu cpu1}% ${cpubar cpu1}

MEM $alignc $mem / $memmax $alignr $memperc%
$membar

# Usage bar for the root filesystem (the posted file had fs_bar /home under the "/" line)
/ $alignc ${fs_used /} / ${fs_size /} $alignr ${fs_free_perc /}%
${fs_bar /}
/windows $alignc ${fs_used /windows} / ${fs_size /windows} $alignr ${fs_free_perc /windows}%
${fs_bar /windows}

Disk i/o ${diskiograph 16,200}

Processes
$alignr $running_processes Running
$alignr $processes Sleeping

Top Processes

CPU $alignr CPU% MEM%

${top name 1}$alignr${top cpu 1}${top mem 1}

MEM $alignr CPU% MEM%

${top_mem name 1}$alignr${top_mem cpu 1}${top_mem mem 1}

# Network section: replace eth0 with your interface name if it differs (e.g. wlan0)
IP on eth0 $alignr ${addr eth0}

Down $alignr ${downspeed eth0} kb/s
${downspeedgraph eth0}
Up $alignr ${upspeed eth0} kb/s
${upspeedgraph eth0 16,200}

# 32768-61000 is the default Linux ephemeral (outbound) port range, so these rows
# show the remote host and service of up to six outgoing connections
Connections ${tcp_portmon 32768 61000 count} ${alignr} Service/Port

${tcp_portmon 32768 61000 rhost 0} ${alignr} ${tcp_portmon 32768 61000 rservice 0}
${tcp_portmon 32768 61000 rhost 1} ${alignr} ${tcp_portmon 32768 61000 rservice 1}
${tcp_portmon 32768 61000 rhost 2} ${alignr} ${tcp_portmon 32768 61000 rservice 2}
${tcp_portmon 32768 61000 rhost 3} ${alignr} ${tcp_portmon 32768 61000 rservice 3}
${tcp_portmon 32768 61000 rhost 4} ${alignr} ${tcp_portmon 32768 61000 rservice 4}
${tcp_portmon 32768 61000 rhost 5} ${alignr} ${tcp_portmon 32768 61000 rservice 5}


Edit: To put your mind at ease, it is extremely unlikely that it's malware at work, unless you've somehow done something that's allowed your box to be compromised, which is also quite unlikely. (Have you been messing around with the root account at all?)

mistypotato
February 15th, 2009, 06:32 PM
Worked like a CHARM :P

thank you VERY much !!!!

Nepherte
February 15th, 2009, 08:06 PM
I wouldn't worry about the traffic light of your router. A router has to send packages around the network itself, and so does a computer, so there is pretty much always traffic which is not necessarily going to the internet.
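The netstat check suggested earlier in the thread, combined with the point above that much of the traffic may stay on the local network, as an added shell example (not code posted in the thread): it reads "netstat -tn" style output, keeps only ESTABLISHED connections, counts them per remote host, and separates loopback/RFC1918 peers from internet peers so that an idle box's outbound connections stand out. The sample netstat output is constructed for the example and uses TEST-NET addresses; on a live Ubuntu box you would feed it with "netstat -tn | internet_peers".

```shell
#!/bin/sh
# Constructed sample of "netstat -tn" output (not captured from a real host).
# It deliberately has several connections to one internet host so the grouping shows.
SAMPLE_NETSTAT='Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.1.5:43210       192.168.1.1:53          ESTABLISHED
tcp        0      0 127.0.0.1:631           127.0.0.1:45678         ESTABLISHED
tcp        0      0 192.168.1.5:35012       203.0.113.10:80         ESTABLISHED
tcp        0      0 192.168.1.5:35013       203.0.113.10:443        TIME_WAIT
tcp        0      0 192.168.1.5:48000       198.51.100.7:6881       ESTABLISHED
tcp        0      0 192.168.1.5:48001       198.51.100.7:6881       ESTABLISHED
tcp        0      0 192.168.1.5:48002       198.51.100.7:6881       ESTABLISHED
tcp        0      0 10.0.0.5:22             10.0.0.9:51000          ESTABLISHED'

# classify_addr IP: prints "local" for loopback and RFC1918 ranges, "internet" otherwise.
classify_addr() {
    case "$1" in
        127.*|10.*|192.168.*) echo local ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) echo local ;;
        *) echo internet ;;
    esac
}

# established_peers: reads netstat -tn output on stdin and prints "<count> <remote host>"
# for every remote host with ESTABLISHED connections, busiest host first.
# Only ESTABLISHED rows are counted, so leftovers such as TIME_WAIT are ignored.
established_peers() {
    awk '$1 ~ /^(tcp|tcp6)$/ && $6 == "ESTABLISHED" {
            host = $5; sub(/:[0-9]+$/, "", host); n[host]++
         }
         END { for (h in n) print n[h], h }' | sort -rn
}

# internet_peers: same as established_peers, restricted to hosts outside the
# loopback/private ranges, i.e. the connections that actually leave the LAN.
internet_peers() {
    established_peers | while read -r count host; do
        if [ "$(classify_addr "$host")" = internet ]; then
            echo "$count $host"
        fi
    done
}

# Stand-alone run over the constructed sample.
# On a real machine: netstat -tn | internet_peers   (netstat -tnp as root also shows the owning process)
printf '%s\n' "$SAMPLE_NETSTAT" | internet_peers
```

Running it on the sample prints "3 198.51.100.7" and "1 203.0.113.10"; the DNS, CUPS and SSH sessions to 192.168.1.1, 127.0.0.1 and 10.0.0.9 are counted by established_peers but dropped by internet_peers. Once a remote host stands out, "netstat -tnp" as root names the process holding the socket, which is the answer to "what on my idle box is talking".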

psychx
February 15th, 2009, 08:47 PM
So, is Conky preferable? Are there any alternatives? I looked at the SourceForge website for some screenshots; is it customizable? And what is the difficulty level for using and customizing Conky?

mcduck
February 15th, 2009, 09:01 PM
So, is Conky preferable? Are there any alternatives? I looked at the SourceForge website for some screenshots; is it customizable? And what is the difficulty level for using and customizing Conky?

For monitoring network traffic? The "netstat" command is the best tool for that.

If you just want desktop eye candy then sure, Conky is cool and yes, it's also customizable. Difficulty level depends on how much you enjoy doing configuration by editing text files.. ;)