Have I been hardware hacked/backdoored? [closed]

0 投票
最新提问 用户: (120 分)

I'm on Linux Mint, never connected to the internet for weeks, and still not connected, doing some python programming (Python 3.6).

I happened to look at the firewall program in it 'report' section and see this (please not that the firewall was actually set to ALLOW outgoing until I changed it just before this screenshot (it was only set to block incoming). Again, to my knowledge I am not, and have not, been connected to the internet at all and my networking is turned off.:

enter image description here

I'm not a network programmer, but this seems to be showing that these applications have been accessing network ports, correct?

Why would python 3.6 (which I was using) be on this list or ever need to connect to any port at all?? Am I looking at nefarious activity here?

I've heard that software can be placed directly on the hardware of a system. IS it possible that my network interface card could be activated and used without giving any indication?

And again, why would my python 3.6 application be on a firewall report at all?

I'm very concerned about this. Can someone enlighten me?

1个回答

0 投票
最新回答 用户: (140 分)

What you are looking at are mostly servers that are listening for incoming connections. That certainly covers ntpd, cups, ntpd.

It looks like some python programs have also been listening for connections, maybe as part of your programming exercises.

The fact that programs are listening for incoming connections doesn't mean anything has actually connected to them, or even that anything could.

An address of "*" indicates that it's a potential connection, not an actual connection that happened.

发表于 用户: (120 分)
Thanks soo much. I feel a bit better.
欢迎来到 Security Q&A ,有什么不懂的可以尽管在这里提问,你将会收到社区其他成员的回答。
...