which pgm is accessing the net?
Locked
 
|
Running 16.04 updated [yes - will be updating]. :-) My external hardware
firewall [firewalla] alerts me when it sees 'different' activity. Getting several 'watching video" alerts re googlevideo.com. But, not watching any video [that I know of]. Still have perhaps 50 pages or so open in several browsers, which seems like a likely candidate, but all ads, on-page videos, etc have been stopped. Is there a way to find out exactly which pgm is accessing the net, preferably with the net address it's using, and giving me the pgm pid? If not, what's the best way to figure this out? I'd rather not shut down one little thing, wait a day or so to see if it's stopped, then another little thing, and so on. I'd like something faster, easier, and more precise, if possible. Thanks -- ubuntu-users mailing list [hidden email] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
Re: which pgm is accessing the net?
|
|
On Sun, 3 Jan 2021 20:43:31 -0800, rikona wrote:
>Still have perhaps 50 pages or so open in several browsers, which >seems like a likely candidate, but all ads, on-page videos, etc have >been stopped. I seriously doubt that pausing a video does stop a flash player from causing traffic, assuming it's software from Adobe or Google. In my experiences there's no "stop", let alone an "off" option. I usually see a "pause" or "play" button only. FWIW at least Firefox re-enables google crap all the time, see about:config, "safebrowsing" is for "it's safe that Google can spy you", so it's unlikely that a media player mainly aimed to show advertising, doesn't do something evil in the background, even if it doesn't play a video. "Skip ad in n seconds" and be ready for the next ad our algorithm will assign to you, based on the data mining our "gratis" services and programs do. -- ubuntu-users mailing list [hidden email] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
Re: which pgm is accessing the net?
|
|
04 January 2021 at 8:33, Ralf Mardorf via ubuntu-users wrote:
Re: which pgm is accessing the net? (at least in part) >I seriously doubt that pausing a video does stop a flash player from >causing traffic, assuming it's software from Adobe or Google. In my >experiences there's no "stop", let alone an "off" option. I usually see >a "pause" or "play" button only. FWIW at least Firefox re-enables google >crap all the time, see about:config, "safebrowsing" is for "it's safe >that Google can spy you", so it's unlikely that a media player mainly >aimed to show advertising, doesn't do something evil in the background, >even if it doesn't play a video. "Skip ad in n seconds" and be ready >for the next ad our algorithm will assign to you, based on the data >mining our "gratis" services and programs do. Adding ALL (I've got 463 so far) google servers to your Hosts file may help with that, but you "may" lose something you would miss, for me I find almost no loss of service doing this -- ubuntu-users mailing list [hidden email] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
|
|
In reply to this post by ubuntu-users mailing list
On Mon, 4 Jan 2021 08:33:28 +0100
Ralf Mardorf via ubuntu-users <[hidden email]> wrote: > On Sun, 3 Jan 2021 20:43:31 -0800, rikona wrote: > >Still have perhaps 50 pages or so open in several browsers, which > >seems like a likely candidate, but all ads, on-page videos, etc have > >been stopped. > > I seriously doubt that pausing a video does stop a flash player from > causing traffic, assuming it's software from Adobe or Google. In my > experiences there's no "stop", let alone an "off" option. I usually > see a "pause" or "play" button only. FWIW at least Firefox re-enables > google crap all the time, see about:config, "safebrowsing" is for > "it's safe that Google can spy you", so it's unlikely that a media > player mainly aimed to show advertising, doesn't do something evil in > the background, even if it doesn't play a video. "Skip ad in n > seconds" and be ready for the next ad our algorithm will assign to > you, based on the data mining our "gratis" services and programs do. That's kinda my view also, and why I was asking if there's a way to identify **exactly which program** is accessing the net, preferably with an IP address and a pid so I can tell which part of a multi-part pgm is responsible. How can I do that? -- ubuntu-users mailing list [hidden email] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
|
|
In reply to this post by ubuntu-users mailing list
On Mon, 04 Jan 2021 08:06:52 -0000
Grizzly via ubuntu-users <[hidden email]> wrote: > 04 January 2021 at 8:33, Ralf Mardorf via ubuntu-users wrote: > Re: which pgm is accessing the net? (at least in part) > > >I seriously doubt that pausing a video does stop a flash player from > >causing traffic, assuming it's software from Adobe or Google. In my > >experiences there's no "stop", let alone an "off" option. I usually > >see a "pause" or "play" button only. FWIW at least Firefox > >re-enables google crap all the time, see about:config, > >"safebrowsing" is for "it's safe that Google can spy you", so it's > >unlikely that a media player mainly aimed to show advertising, > >doesn't do something evil in the background, even if it doesn't play > >a video. "Skip ad in n seconds" and be ready for the next ad our > >algorithm will assign to you, based on the data mining our "gratis" > >services and programs do. > > Adding ALL (I've got 463 so far) google servers to your Hosts file > may help with that, but you "may" lose something you would miss, for > me I find almost no loss of service doing this Thanks for the suggestion. In ancient Windows days I used to use a hosts file, but it was a big effort to maintain, and I stopped. I tried blocking the address with the firewall, which is easy. BUT - a couple of minutes later googlevideo comes up again, with a small change in the address. It looks like they have a gazillion addresses they can use, as you are suggesting. :-((( Please refresh my mind. If the actual address is abcde12345.googlevideo.com, and I put just googlevideo.com in the hosts file, will that block any version of the abc... part, or do I need the entire address in hosts? How can I block [whatever].googlevideo.com? And, I'd still like to know if there's a way to ID the actual pgm doing the access. That would be VERY helpful. -- ubuntu-users mailing list [hidden email] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
|
|
In reply to this post by rikona
On Mon, 4 Jan 2021, 04:45 rikona, <[hidden email]> wrote: Running 16.04 updated [yes - will be updating]. :-) My external hardware I would start by shutting down the browser for a while and see if that eliminates the problem. Colin
-- ubuntu-users mailing list [hidden email] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
Re: which pgm is accessing the net?
|
|
nethogs. Install and run in terminal.
-- ubuntu-users mailing list [hidden email] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
Re: which pgm is accessing the net?
|
|
I didn't follow the whole thread but the easiest thing to do is
see if the alerting software had a pid available or a host/port etc. You can find the connections with this, netstat -anp ________________________________________ From: ubuntu-users <[hidden email]> on behalf of Mark Widdicombe <[hidden email]> Sent: Tuesday, January 5, 2021 2:28 AM To: Ubuntu user technical support, not for general discussions Subject: Re: which pgm is accessing the net? Is there a way to find out exactly which pgm is accessing the net, preferably with the net address it's using, and giving me the pgm pid? If not, what's the best way to figure this out? nethogs. Install and run in terminal. -- ubuntu-users mailing list [hidden email]<mailto:[hidden email]> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users -- ubuntu-users mailing list [hidden email]<mailto:[hidden email]> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users -- ubuntu-users mailing list [hidden email] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
Re: which pgm is accessing the net?
|
|
In reply to this post by Mark Widdicombe-2
And, try: “lsof -i -n -P” to see current open connections (and its PID)
From: "Mike Marchywka" <[hidden email]> Date: Tuesday, 5 January 2021 at 09:47:02 To: "Ubuntu user technical support, not for general discussions" <[hidden email]> Subject: Re: which pgm is accessing the net? I didn't follow the whole thread but the easiest thing to do is
see if the alerting software had a pid available or a host/port etc. You can find the connections with this, netstat -anp ________________________________________ From: ubuntu-users <[hidden email]> on behalf of Mark Widdicombe <[hidden email]> Sent: Tuesday, January 5, 2021 2:28 AM To: Ubuntu user technical support, not for general discussions Subject: Re: which pgm is accessing the net? Is there a way to find out exactly which pgm is accessing the net, preferably with the net address it's using, and giving me the pgm pid? If not, what's the best way to figure this out? nethogs. Install and run in terminal. -- ubuntu-users mailing list [hidden email]<mailto:[hidden email]> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users -- ubuntu-users mailing list [hidden email]<mailto:[hidden email]> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users -- ubuntu-users mailing list [hidden email] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten. This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages. -- ubuntu-users mailing list [hidden email] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
|
|
On Tue, 5 Jan 2021 09:27:16 +0000
Hans via ubuntu-users <[hidden email]> wrote: > And, try: “lsof -i -n -P” to see current open connections (and its > PID) > > > From: "Mike Marchywka" > <[hidden email]<mailto:[hidden email]>> Date: Tuesday, > 5 January 2021 at 09:47:02 To: "Ubuntu user technical support, not > for general discussions" > <[hidden email]<mailto:[hidden email]>> > Subject: Re: which pgm is accessing the net? > > I didn't follow the whole thread but the easiest thing to do is > see if the alerting software had a pid available or a host/port etc. > You can find the connections with this, > > netstat -anp Many thanks to all for the suggestions re how to do this!! They give me the info to see who's doing what. :-) Next task is to see which IPs belong to google. In the meantime I figured out how to get the firewall to block the entire googlevideo.com domain, but just for the Ubuntu box, not all the LAN devices. It's also easy to temporarily pause these rules if I do need to watch a YouTube video. :-) I'm beginning to like the Firewalla firewall - nice. I'd recommend it to folks interested. So far, blocking that domain does not seem to have caused any major problems - just less junk on the screens. I am still interested in knowing which web sites were causing the problems, now that I have the info to check that out. Thanks for the help... > ________________________________________ > From: ubuntu-users <[hidden email]> on behalf > of Mark Widdicombe <[hidden email]> Sent: Tuesday, January > 5, 2021 2:28 AM To: Ubuntu user technical support, not for general > discussions Subject: Re: which pgm is accessing the net? > > > Is there a way to find out exactly which pgm is accessing the net, > preferably with the net address it's using, and giving me the pgm pid? > If not, what's the best way to figure this out? > > nethogs. Install and run in terminal. > -- -- ubuntu-users mailing list [hidden email] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
Re: which pgm is accessing the net?
|
|
On Tue, 5 Jan 2021 at 20:33, rikona <[hidden email]> wrote:
> > In the meantime I figured out how to get the firewall to block the > entire googlevideo.com domain, but just for the Ubuntu box, not all > the LAN devices. PiHole may help you... https://pi-hole.net/ -- Liam Proven – Profile: https://about.me/liamproven Email: [hidden email] – gMail/gTalk/gHangouts: [hidden email] Twitter/Facebook/LinkedIn/Flickr: lproven – Skype: liamproven UK: +44 7939-087884 – ČR (+ WhatsApp/Telegram/Signal): +420 702 829 053 -- ubuntu-users mailing list [hidden email] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
|
|
On Wed, 6 Jan 2021 13:34:33 +0100
Liam Proven <[hidden email]> wrote: > On Tue, 5 Jan 2021 at 20:33, rikona <[hidden email]> wrote: > > > > In the meantime I figured out how to get the firewall to block the > > entire googlevideo.com domain, but just for the Ubuntu box, not all > > the LAN devices. > > PiHole may help you... > > https://pi-hole.net/ Thanks for the suggestion! That's a VERY interesting pgm, especially since it works for the whole local net. I've been using browser add-ons to help with ads, and this adds another dimension to overall protection. Turns out this is similar to the ad blocking available in the Firewalla firewall. I've not activated that [yet] since I was using browser protection, but will consider doing that. This firewall has a very nice interface which makes it much easier for a network semi-novice like me, even easier than PiHole. My previous experience with firewalls was that one needs to know a lot of very detailed network info in order to get good, thorough protection. And, at least in the firewall hardware I used then, it was really a fixed situation requiring much time/effort to make significant changes. Firewalla has several one click 'pause' options that are quite nice, easy, and fast. So, I'll probably stick with Firewalla, but I really appreciate your suggestion. Thanks... -- ubuntu-users mailing list [hidden email] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
|
|
On Thu, 7 Jan 2021 at 21:10, rikona <[hidden email]> wrote:
> > On Wed, 6 Jan 2021 13:34:33 +0100 > Liam Proven <[hidden email]> wrote: > > > On Tue, 5 Jan 2021 at 20:33, rikona <[hidden email]> wrote: > > > > > > In the meantime I figured out how to get the firewall to block the > > > entire googlevideo.com domain, but just for the Ubuntu box, not all > > > the LAN devices. > > > > PiHole may help you... > > > > https://pi-hole.net/ > > Thanks for the suggestion! That's a VERY interesting pgm, especially > since it works for the whole local net. I've been using browser add-ons > to help with ads, and this adds another dimension to overall protection. > > Turns out this is similar to the ad blocking available in the Firewalla > firewall. Note that PiHole (which is an excellent application) is not a firewall, it works by intercepting the DNS lookup of blacklisted sites. Colin -- ubuntu-users mailing list [hidden email] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
|
|
On Thu, 7 Jan 2021 22:15:43 +0000
Colin Law <[hidden email]> wrote: > On Thu, 7 Jan 2021 at 21:10, rikona <[hidden email]> wrote: > > > > On Wed, 6 Jan 2021 13:34:33 +0100 > > Liam Proven <[hidden email]> wrote: > > > > > On Tue, 5 Jan 2021 at 20:33, rikona <[hidden email]> wrote: > > > > > > > > In the meantime I figured out how to get the firewall to block > > > > the entire googlevideo.com domain, but just for the Ubuntu box, > > > > not all the LAN devices. > > > > > > PiHole may help you... > > > > > > https://pi-hole.net/ > > > > Thanks for the suggestion! That's a VERY interesting pgm, especially > > since it works for the whole local net. I've been using browser > > add-ons to help with ads, and this adds another dimension to > > overall protection. > > > > Turns out this is similar to the ad blocking available in the > > Firewalla firewall. > > Note that PiHole (which is an excellent application) is not a > firewall, it works by intercepting the DNS lookup of blacklisted > sites. > > Colin Yes, thanks for the heads-up. I saw that when I checked it out. Firewalla does a similar thing, using their own DNS cache. For privacy, though, they do NOT look inside the 'data stream', and, as a result, can't block as many ads as a service that looks inside your data. I'll settle for that trade-off, though. :-) I also saw several services that do similar things - you just have to change your DNS on the comp or router, they do the rest. I'd guess the free ones like to look inside data to see what they can sell. :-) I actually wanted a firewall, and got Firewalla. I'm finding it does other useful things as well. They have newer gigabit hardware that can do network segmentation, etc, and is also a router. It is tempting me. :-) Thanks... -- ubuntu-users mailing list [hidden email] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users |
«
Return to ubuntu-users
|
1 view|%1 views
| Free forum by Nabble | Edit this page |