Whois; why have I not thought about it at once! ---- 92.92.207.51 --- inetnum: 92.92.0.0 - 92.95.255.255 netname: SFR-USER-DATA descr: Pool for mobile data users descr: Dynamic IP country: FR ---- 195.154.59.140 ---- inetnum: 195.154.48.0 - 195.154.63.255 netname: ISDNET-4 descr: Tiscali France Backbone country: FR ---- 52.32.86.111 ---- NetRange: 52.32.0.0 - 52.63.255.255 CIDR: 52.32.0.0/11 NetName: AT-88-Z NetHandle: NET-52-32-0-0-1 Parent: NET52 (NET-52-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Amazon Technologies Inc. (AT-88-Z) ---- 46.4.37.89 ---- inetnum: 46.4.37.64 - 46.4.37.127 netname: HETZNER-RZ13 descr: Hetzner Online AG descr: Datacenter 13 country: DE So from my point there is still something to be said: * What malware prevention service would connect to the IP of a !!mobile device??!! - none! * What has Amazon Technologies Inc. to do with all of that? - nothing! * sometimes the kraken can also sit in a datacenter or a backbone and this is known -> I had just opened the page of the router in my LAN and nothing else. Last but not least the most unerring sign that something went wrong was in my mind the enduringly long and high CPU fan load (though it is a pity that I did not have a closer look at least by system utilities). It NEVER occurs with a Xi3650 unless it is put under 100% CPU load for pretty much time! Sincerely, Elmar Am 2015-12-04 um 21:59 schrieb mal:
You can figure out who owns IP addresses using `whois`. I assume that's what was used.
CPU fan speed is a bad measure of CPU usage; try `top`, `htop`, etc.
If you value privacy, you should consider using your own recursive resolver.
On 12/04/2015 05:46 PM, Elmar Stellnberger wrote:
ok; fine to know Remi; then there was already everything good with the configuration Jonathan had recommended me! (Qwant will have been there because of the search machine status bar)
However what I would find really interesting are the remaining servers that there was a connection to when the '100% CPU fan' bug hit my machine. I really did nothing at all when it heated up that much; - and the desktop search should not have caused that, I would at least believe.
Elmar
P.S.: By the way which name server did you use for reverse lookup, Remi? 208.67.222.222 (OpenDNS server) did not do that for me in case of the Qwant search engine; even sites like ping.eu do not succeed in the reverse lookup of the 194.187.168.xx addresses.