Why is my GNU/Linux distro sending packets somewhere?

Hey there.Today I was using my GNU/Linux trisquel as always, but I’ve tried to launch tcptrack, a program for monitoring traffic. Suddenly, even with no opened network programs, my Linux was sending packets somewhere. I’ve tried to run chkrootkit/rkhunter but the results were okay. I suspected that tcptrack also checks traffic from other PCs in my network, but the IP in Client page was mine.
So, is my system compromised?

umm…can you try with wireshark ? or just give us IPs i mean to know where excatly your net goes

Hi there. I’ve collected some IPs so here are they:
88.208.55.198
51.38.134.104
128.103.64.84
23.185.0.1
45.79.160.19
23.14.1.251
104.27.165.69
104.31.66.50
104.20.10.17
208.82.237.226

  • I’ve noticed that some of them are blacklisted/belong to Tor, to other sites in malware blocklists etc. This freaks me out even more.

this is weird actually, are u running tor in whole system ? (as proxy)

Hey there. First of all, nope, I don’t use TOR for proxy.
Second of all, I found out the reason of all that mess.
When I boot my PC, some packets are being sent to APT servers/other software servers for synchronization, after one or two minutes these connections stop. Also, tcptrack for some reason “thinks” that connections from my brother’s spyware Win 10 are mine. So, that’s why I see a lot of sh|t coming from “my” PC.