On 05/12/2020 11:44, home user wrote:
On 12/3/20 10:57 PM, Ed Greshko wrote:
The virbr0 interface is the interface between your system and any qemu/kvm Virtual Machines you deploy. This is an "internal" interface not connected directly to the Internet.
I've never heard of this. I'm not sure, but this seems like something I don't use, at least not explicitly. Is this something that I can remove from the system, or at least turn off (so it won't use CPU), Or is this "under the hood" of things I do use?
If you have no idea about it, you're not using it and probably never will.
So, you can just....
sudo systemctl --now disable libvirtd
Without the "--now" you'd have to reboot for this to take effect.
You most likely don't need mdns (Multicast DNS) and can delete that service. You *may* need dhcpv6-client to properly configure your IPv6 automatically when the system starts.
How do I delete a service (mdns)?
Along with "systemctl --now disable avahi-daemon" You should also remove that service from the firewall.
sudo firewall-cmd --permanent --zone=public --remove-service=mdns sudo firewall-cmd --reload
To address your other post containing all the Screen shots.... [... snip ...] If you want to know more about the "services" shown in the screen shots one way to do it is lookup the service in /etc/services.
[egreshko@meimei ~]$ grep tivoconnect /etc/services tivoconnect 2190/tcp # TiVoConnect Beacon tivoconnect 2190/udp # TiVoConnect Beacon
And then google the description, in this case "TiVoConnect Beacon". Learn, for example, http://tivopod.sourceforge.net/tivoconnect.pdf and see that it is a broadcast protocol used by TiVo devices.
I got the same results.
If I understood you and that pdf file correctly, tivoconnect has nothing to do with watching youtube videos or online streaming (such as Viki, Rakuten, or Zoom). I think I don't use this either. But tivoconnect sure shows up a lot in both columns. Is there something I should remove from the system (via dnf), or shut off?
Let me try this again.
These packets are *not* being generated by your system. They are being "broadcast* by a device on the same subnet as your system is. So, another customer of Comcast has a TiVo box and it is broadcasting to find other TiVo devices. All systems on that subnet will get the broadcast packets.
You *can't* stop them from doing this. All you can do is "ignore" them .... which is what you system is doing since it is dropping all packets as they arrive.
Someone in this thread suggested that outgoing traffic should be examined as well as incoming. That does make sense to me. The firewall-cmd commands I did: did those look at both incoming and outgoing, or just incoming?
For a single user system like I think you have, there isn't any value in doing that. You're more than likely to unintentionally break things.
--- The key to getting good answers is to ask good questions.