Page 3 of 3 FirstFirst 123
Results 21 to 26 of 26

Thread: Linux mint security issue. Weird firewall results from shields up.

  1. #21
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    16,568
    Distro
    Ubuntu Mate 16.04 Xenial Xerus

    Re: Linux mint security issue. Weird firewall results from sheilds up.

    Code:
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State      
    tcp        0      0 127.0.1.1:53            0.0.0.0:*               LISTEN     
    tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN     
    tcp        0      0 192.168.0.12:54542      192.168.0.14:8009       ESTABLISHED
    tcp        0      0 192.168.0.12:52294      23.77.240.17:443        ESTABLISHED
    tcp        0      0 192.168.0.12:48586      149.28.200.96:443       ESTABLISHED
    tcp        0      0 192.168.0.12:60308      198.252.206.25:443      ESTABLISHED
    tcp        0      0 192.168.0.12:32904      149.28.193.225:443      ESTABLISHED
    tcp        0      0 192.168.0.12:46152      192.168.0.23:8009       ESTABLISHED
    tcp        0      0 192.168.0.12:37650      192.168.0.14:8008       ESTABLISHED
    tcp        0      0 192.168.0.12:42884      34.210.113.231:443      ESTABLISHED
    tcp6       0      0 ::1:631                 :::*                    LISTEN
    Much easier to read, yes? code tags matter.

    Hopefully, it isn't one of those browser-only VPNs. Would need to see the routing table and network device list to know anything about the VPN.
    Last edited by TheFu; 2 Weeks Ago at 01:49 PM.

  2. #22
    Join Date
    May 2016
    Beans
    14

    Re: Linux mint security issue. Weird firewall results from sheilds up.

    Yes guys I am running a VPN on my chromium, I also have one on Opera. It's a browser add on VPN that I pay for. I am not sure which devices these are on my network because this new modem doesn't show the names like the other one did. Why is chromium connecting to these addresses I don't know. I assume its normal.

    I just did the command for port 8009 and I got this.
    lsof -i :8009
    COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
    chromium- 8524 mint 36u IPv4 116476 0t0 TCP laptop:44368->192.168.0.14:8009 (ESTABLISHED)
    chromium- 8524 mint 40u IPv4 123861 0t0 TCP laptop:44616->192.168.0.14:8009 (ESTABLISHED)
    chromium- 8524 mint 45u IPv4 91714 0t0 TCP laptop:44128->192.168.0.14:8009 (ESTABLISHED)
    chromium- 8524 mint 48u IPv4 186217 0t0 TCP laptop:45378->192.168.0.14:8009 (ESTABLISHED)
    chromium- 8524 mint 53u IPv4 191261 0t0 TCP laptop:33350->192.168.0.23:8009 (ESTABLISHED)
    opera 10008 mint 173u IPv4 191306 0t0 TCP laptop:33352->192.168.0.23:8009 (ESTABLISHED)
    opera 10008 mint 177u IPv4 119109 0t0 TCP laptop:44378->192.168.0.14:8009 (ESTABLISHED)
    opera 10008 mint 182u IPv4 123859 0t0 TCP laptop:44612->192.168.0.14:8009 (ESTABLISHED)
    opera 10008 mint 188u IPv4 188055 0t0 TCP laptop:45374->192.168.0.14:8009 (ESTABLISHED)

    I reinstalled Linux mint. I have Opera and Chromium running at the same time using the same VPN company that I use. This looks like normal proxy VPN activity to me. I have the Firefox browser without the VPN on and it shows no activity like this, it's only the VPN browsers.

    I did log in to my modem and 192.168.0.23 and 192.168.0.14 is online and I have no idea which device it is or why the VPN is connecting to those devices. I have a downstairs neighbour and I assume it might be one off his devices which are a desktop computer and a laptop. I assume this is normal, especially since I just reinstalled mint, setup a GUFW firewall and locked the computer with more passwords.Maybe the VPN is just bouncing off other connections on the network, but that is just a guess.
    Last edited by mark284; 1 Week Ago at 08:15 PM.

  3. #23
    Join Date
    May 2016
    Beans
    14

    Re: Linux mint security issue. Weird firewall results from sheilds up.

    Yes it is the browser VPN, virtualshield.

  4. #24
    Join Date
    May 2016
    Beans
    14

    Re: Linux mint security issue. Weird firewall results from sheilds up.

    OK it seems like those 2 browsers are connected to the Vizio smart TV and a basement speaker connected to my internet network. I go on youtube and youtube says that the cast is available to show what I'm watching on youtube, even though I'm using a VPN. I don't want someone having access to what I'm watching on youtube. It was both Chromium and Opera that popped up saying I can use casting and not firefox. Its pretty much impossible to have privacy even with VPN's, firewalls and Linux. I didn't connect to the cast option for those 2 devices, because I think it will just bypass the VPN's protection. I would just rather not have my computer communicating with these devices. I assume that I manually have to connect to the cast option on that TV thats connected to my network.

  5. #25
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    16,568
    Distro
    Ubuntu Mate 16.04 Xenial Xerus

    Re: Linux mint security issue. Weird firewall results from sheilds up.

    Code:
    sudo ufw deny from {IP of the Vizio}
    Assuming you are using ufw already.

    Trying to hide what you do on youtube is like trying to avoid raindrops, in a downpour, at a nudist beach, with nothing else around for 5 kms. Can't be done.

    I use chromium, but only in a restricted jailed environment and only for non-local purposes. When Opera was sold to a different company, I stopped using it over privacy considerations. I use full, trusted, paid, VPNs, not tied to the browser. Not all VPNs are equal. I also put my chromecast into a drawer when it became clear what the true purpose was for that device. I couldn't bring myself to sell it to someone else.

    BTW, most commercial VPNs will specifically allow local subnet access, since most people would like to have the VPN allow them to print and access local LAN shared resources. If you don't run the VPN, I don't think you get to control the routes to limit the local LAN.

  6. #26
    Join Date
    May 2016
    Beans
    14

    Re: Linux mint security issue. Weird firewall results from sheilds up.

    Sorry for the late reply.

    Still it seems like the browsers are the ones doing this and not the VPN. I will take your advice and delete Opera. I will just use Firefox for my normal day to day personal stuff and I will use Chromium to post and talk trash on youtube and watch videos. The 2 ports are still open, but I open the GUI firewall when I start up. Also sometimes my wifi disconnects and when I go into the network tab, it shows that the Vizio and basement speaker as available in the Wifi menu and then after 1 minute it goes away, connects back and shows the normal access points available. That has been going on the past month. All of this TBH has been going on the past month and i do not trust chromecast either, so I would never cast with it. I will get Nord VPN to install in Linux and add a Chromium browser VPN. The only reason I use VPN browser extensions is due to the company not having a Linux version VPN.

    The firewall I have is the GUI version of UFW. If I put that command in, Is it permanent or do I have to punch it in everyday or can I block it with the GUI version ? I see Opera is bought out by some Chinese company, but the good thing is they wont understand what I'm writing. Nah I get why you wouldn't trust them, you can't trust anything. Firefox and Chromium are open source and that is the most trustworthy. Privacy is dead, however you can try to improve it. Thats why I got a VPN.
    Last edited by mark284; 1 Week Ago at 04:19 AM.

Page 3 of 3 FirstFirst 123

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •