Intrusion detection
Matthew Martinez
In this day & age, it is almost impossible to detect who is lurking in the background in our system while we use our Ubuntu desktop / Laptop.
Any idea of how to detect such intrusion or how to block it from happening?
I am not a programmer - rather a mid-level user.
Thanks
1 Answer
I would suggest looking for the users running processes, using a simple
ps -eo user | sort | uniq -c
that does the following:
- prints any user name that is running anything on your PC
- sorts this list descending (by username)
- counts how many processes each user is running.
For example, on my PC (my username is davide) the output is:
ps -eo user | sort | uniq -c
      2 avahi
      1 colord
    113 davide
     34 gdm
      1 geoclue
      2 kernoops
      1 messagebus
    167 root
      1 rtkit
      1 syslog
      1 systemd-resolve
      1 systemd-timesync
      1 USER
      1 uuidd
      1 whoopsie
Then I can investigate this more, for example if I want to know what avahi is doing:
ps axu | grep avahi
avahi 1176 0.0 0.0 47264 3128 ? Ss 21:26 0:00 avahi-daemon: running [brenna.local]
avahi 1186 0.0 0.0 47076 336 ? S 21:26 0:00 avahi-daemon: chroot helper 2
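
The per-user count above can be turned into a repeatable check by comparing process owners against a list of accounts you expect to see. This is an added example, not part of the original answer; it goes one step further than the answer by also listing which commands each unexpected owner runs. The function name `unexpected_owners`, the baseline file and the `backupsvc` account are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original answer). Input lines are "owner command",
# as produced live by:  ps -e -o user= -o comm=
# (the empty "=" headers suppress the USER/COMMAND header line)

# Print "owner process-count commands" for each owner not listed in the
# baseline file $1 (one account name per line). Only the first word of a
# command name is kept.
unexpected_owners() {
    awk -v baseline="$1" '
        BEGIN { while ((getline u < baseline) > 0) known[u] = 1 }
        !($1 in known) {
            count[$1]++
            if (!seen[$1, $2]++)            # remember each command once per owner
                cmds[$1] = cmds[$1] (cmds[$1] ? "," : "") $2
        }
        END { for (u in count) print u, count[u], cmds[u] }
    ' | sort
}

# Constructed baseline: some of the accounts from the listing in the answer.
baseline=$(mktemp)
printf '%s\n' avahi colord davide gdm messagebus root syslog > "$baseline"

# Constructed snapshot; "backupsvc" is a made-up account missing from the baseline.
snapshot='root systemd
davide bash
avahi avahi-daemon
backupsvc sh
backupsvc sleep
backupsvc sh'

# Prints: backupsvc 3 sh,sleep
printf '%s\n' "$snapshot" | unexpected_owners "$baseline"
rm -f "$baseline"
```

On a real machine, build the baseline once from a state you trust, then run `ps -e -o user= -o comm= | unexpected_owners baseline.txt` and look into any line it prints.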