This is an issue that makes me think… A few days ago, I discovered that I had an unexplained stream of data into my computer. At the same time, my CPU and RAM went overloaded. What is more I found that an equivalent amount of space, about 1.6 GiB is missing in the hard drive. Now even more space has vanished. I have tried to search recently changed files but found nothing. This was after I reinstalled I2P (with apt-get), a coincidence? I have experienced this before, in the days when I still used used Windows. Then I realized that it was malware that stored some kind of information on my drive. I thought I would be spared of such things with Parrot, but I have found no other explanation. Any ideas about this?
Tell us more about your system setup/problem. What kind of ‘unexplained stream of data’ are we talking about? Do you understand the I2P concepts in depth? If not, could this explain unexplained streams of data? Any screenshots to share what you are experiencing? Any saved packets?
Have you downloaded/run any code/software outside the official repository?
Before you jump to conclusions I should also mention hard drive manufacturers advertise space differently. For example 1 terabyte on some drives will says it only has 931.4 gigabytes space total.
Could this relate to “missing space”? You haven’t given us much to go on.
Please get back to us and maybe we can help you figure this mystery out
Yes, I think I understand it. And yes, I have thought of that as an explanation, but I don´t recall that I2P would SAVE any data on my hard drive. And when I say it has diminished, I mean it has done so compared to what it said before. By the way yes, they usually lie about that and it sucks.
When I run rkhunter it says this: Invalid syslog facility/priority value: authpriv.warning
Anything to be concerned about?
And then there is another issue which may be related. I read that Parrot MATE should only use 256-320 MB of RAM memory when idle, but for me it uses almost 1000. Could this be related to any physical problem with my hardware (I don´t think so), or does it suggest that something is in there that should not?
I2p is going to use a lot more memory/streams/space of data to proxify than a standard install of Parrot, plus any browsers you may have open. Along with anything else you installed. Not to mention Parrot Home will run on a diff amount of ram than Parrot Security. Each has a different make up of applications running in background.
Gather some evidence for your suspicions and we can have a look (logs, screenshots showing processes, forensics etc). I really can’t entertain this thread without actual evidence. You haven’t given us much info TBH. Thanks
Speaking of RAM, When i bootup my device, it uses 900-1000 gigs just because I use a robust firewall filtering module & an IDS. The incident occurring with your system is suspicious. If you want to skip the part of capturing data packets and analyzing where your data-stream is coming from or where is it heading out, or what is consuming so much space, I would suggest this:
- Backup your essential data
- Download the latest .iso from the official source
- Grab the signed hashes & try to match the signature of the .iso you’ve downloaded with the respective hash you grabbed.
- Load it up your flashdrive or whichever device you use for flashing your machine using Etcher (assuming that you are on parrot atm) or Rufus (if you are on a windows machine)
- Boot it up on your parrot machine, In this case, make sure not to connect to internet via WiFi or Ethernet (coming on that in a sec)
- During installation, Wipe your whole drive and get a fresh install, stay disconnected from wifi)
- Once the new machine is up and running, take a snapshot of how much data is the parrot currently using using Mate Disk Usage Analyzer Or the similar counterpart of KDE.
- Now connect to the Internet, open terminal as superuser and run
- Carefully take a note of how much data will the upgrade consume on your storage drive.
- Once the upgrade is complete, reboot the machine and take the snapshot of how much data has been consumed by the latest packages on your storage disk. Make sure you do not download or install anything other than what ships by default from the .iso & the upgrade, not even a 500kb wallpaper, for the sake of forensics.
This should give you an estimation about if its the issue with parrot or your device was compromised or you are misunderstanding something or you may have mistakenly downloaded something that was not supposed to be there in the first place.
You could do what @RightToPrivacy said about collecting packets and logs and capturing paths and hops and system forensics but since Im not aware of the level of knowledge you posses, I suggested a simple. easy and effective mathod that would work just fine
Let us know how it goes!
This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.