[Advanced] Tracing a hook/trigger

Joined
Oct 18, 2021
Messages
17
Reaction score
7
Credits
228
Hi,

I have two difficult to solve instances and I'd love if i get help from somebody who has advanced knowledge in computer networking.

Every time i join a teams meeting and the volume of my microphone changes. Assuming that at one point my microphone was too loud and somebody was lowering the volume of my mic because they didn't want to tell it to me directly. I did ask them and they said that they were not doing it. The volume on the top right corner literally changes before my eyes.

So my question is, how do i trace this? What information can i pull over the network connection? What are my option of tracing this? It's a zoom setting - that's for sure, but i want to know more of it.

Another thing - the brightness of my screen changes. It's changing while i'm writing this. The room is really bright so it's not automatic from the laptop's hardware (which happens during the day, when the room is not that bright, the brightness of my screen gets lower) but at the moment there is a lot of light and the brightness changes from 0 to 100 like somebody is touching it with a button.

There's a possibility that something is going terribly wrong and i want to know more of it.

I'm using Kali Linux.

Cheers,
Anthony Ivanov
 


It's possible it's something local, and not on the network.

ps -ef | grep teams

The problem with teams, is that it's not only multi-threaded, it's multi-process
so chance are you'll see a dozen processes if you do this.
But once you find the process you're looking for

strace -p (PID) -ff
 
It's possible it's something local, and not on the network.

ps -ef | grep teams

The problem with teams, is that it's not only multi-threaded, it's multi-process
so chance are you'll see a dozen processes if you do this.
But once you find the process you're looking for

strace -p (PID) -ff

Thanks for writing, i appreciate it.

First of all, it's not teams, it's zoom. I do apologize for the inconvenience, i wrote that it was "teams" by mistake.

Second, i gave it a grep zoom and i got this:
1635344321952.png

What's that supposed to mean?
I couldn't use the strace -p (PID) -ff command, it gives me the same output no matter if i try with a PID name or a number and no matter if i use sudo or not.

zsh: number expected

I don't think that somebody is messing with me right now, is it okay if i get some tips on how i can trace malicious access to my computer?
I'm using sudo netstat -atupen output to see the connections with the laptop, i use nmap to scan ip addresses, but i need more.

How can i block an IP and how do i break the connection of that IP without blocking it?

I found out that:
sudo iptables -I INPUT -s xxx.xxx.xxx.xxx -j DROP
Can block ip connections with a linux server, but i'm not using a server. When i type in the command and after that scan for ip connections and i see the ip i wanted to block - it's still there.

Thanks in advance,
- Anthony
 

Members online


Top