Worried about security


I have installed linux OS many times but recently, it look like hacked or controlled by other to me. Because,

  1. WiFi worked correctly on fresh install or live OS, but after some times
    a) clone same wifi name (e.g. wifiname 1, wifiname 2, ....)
    b) no internet but wifi connected
    c) if change clone mac randomly, disable ipv6 and wifi security, prompt wifi password again and create new one

  2. suck a little when move cursor

  3. Hang

  4. Strange behaviors

Would you please suggest me how to ensure that no one control my PC or hacked me? or if so, what should i do? I have changed several linux os but it close to same. I have used lynus, clamav, log checked but nothing suspicious to me. although i am not security expert. please help. thanks to all.

1 Like

Tried the choices Deny and Refuse for both Incoming: and Outgoing: in the firewall options? If this doesn't block an attempt to access your computer as you think it's happening please restore the previous choices. Default settings are Status: ON, Incoming: Deny and Outgoing: Allow (showed at firewall utility startup by the way).

1 Like

See Page 148 of my unofficial manual for Zorin 17 Mk.II Bitstream Vera Sans pdf.

Misbehaving doesn't necessarily mean that your computer has been compromised. It would be a very sloppy way for an attacker to draw attention unnecessarily, unless the intention is just to be annoying rather than harmful.
In particular, maintaining a foothold on your computer (undetected or otherwise) implies having constant internet access; messing with this would be a clumsy way for an attacker to limit their access to your machine.

Having a Wi-Fi connection means your computer is connected to an access point, namely the router. There are a lot of things that could go wrong between your router and your internet service provider (ISP). You may want to reach out to them to ask about any recent outages, for example.

The best way to deal with this would be to re-install the OS, but if this behavior happens across multiple re-installs, then it's likely something wrong with the hardware. Either that, or you're dealing with some serious piece of malware that can survive this. If you suspect this is the case, talk to a cybersecurity professional.

In addition to monitoring running processes with the System Monitor (look for processes that are constantly running using a lot of resources), you can check for active network connections. In a terminal:

This will list running processes in your computer that are listening for connections.

sudo ss -nutlp

This will list active network connections and the processes that initiated them.

sudo lsof -Pin

It would be a good idea to at least make a note of this information so that you can contrast it over time.


I agree with zenzen. This sounds like a router problem. If you don't have a reason to leave the router on all night I would suggest this test. Turn off the router each night so that it gets reset when you turn it back on in the morning. If the problem is gone for several hours but comes back then restart the router again. You could have some problem with the router after it has been working for a long time. I have replaced routers before because of this. If restarting the router gets it back to normal then I would try another router.

1 Like