is my computer transmitting info without my knowledge?

[notthatguy]

I wanted to check if my computer was transmitting info without my knowledge. So I wrote a script that would check the transmitted packets on wlan0 after a certain amount of time had passed.

here is the script...

Code: Select all

#!/bin/bash
ifconfig wlan0 | grep "TX packets:" >> proofoutput
sleep 300
ifconfig wlan0 | grep "TX packets:" >> proofoutput
sleep 900
ifconfig wlan0 | grep "TX packets:" >> proofoutput
sleep 9000
ifconfig wlan0 | grep "TX packets:" >> proofoutput


Here is the contents of proofoutput created by running proof after a clean reboot and logging into gnome-fallback on debian wheezy.

Code: Select all

root@debian:/home/user# cat proofoutput
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0


Well so far it has been hours and still no packets transmitted without my knowledge.



stay tuned, more results from various tools to be posted....

[nolte]

when i read bout ntp transmitting data (or not transmitting data, as others said),
i thought that i would probably get to know the port-number and then run tcpdump for that port-number
tcpdump -i eth0 port <No> -c 100 -w save.pcap # seems obvious, right? -i interface, port is port, -c is packageCount and -w is write to file.
tcpdump -r save.pcap > save.txt # to read it
I was able to figure out the port, but ain't got it installed on this machine. If in doubt i would go for "nmap -p- localhost" to scan all 65535 ports. The output of tcpdump is a bit abstruse, though (hence scanning only for that port, else its complete babel).
I got no clue if that will open any insight, but, like said, that is what i would do. Just discovered "nc". Again: no idea, but at least its fun
(it was said to be a poor mans dos: "while true; do echo "GET" | torify nc <ip> <port>; sleep .1; done" but it does no nothing and for sure no harm).

Your computer is transmitting with your knowledge, and the ISP takes it without your knowledge, and then sells it in your very best interest.

I installed ntop, but never looked that close. I think there might be some interesting links to be found. Didn't i post a link to some network-monitoring tools short ago? http://wiki.ubuntuusers.de/Netzwerk-Mon ... light=ntop

Did that make any sense? I am not sure myself... back to staying-tuned-mode now.