
So a few days ago, I noticed a new pattern in the PC fan speeds on my Fedora workstation. Every now and then some of the fans will start spinning slightly faster than usual and will continue to do so for about 30 seconds to one minute. This happens in very light PC usage scenarios such as web browsing, pdf reading... I noticed because I had never been able to actually hear the fans in my PC in such light usage scenarios before.

Anyway, this could be caused by a myriad of things, but as a basic sanity check I wanted to rule out malware. So I did the following:

  • check lmsensors and there are indeed small spikes (~100-150rpm) in both CPU and GPU fans
  • run clamscan
  • check process tree for suspicious entries with ps and top
  • check open tcp/udp ports for suspicious entries with netstat
  • check cron/anacron files

and nothing suspicious came out.

What are some other basic things I can check to rule out malware? Should I maybe use some other applications for open port or running process listing?

Again, this is a basic sanity check more than anything. I don't think there is a high chance of my PC actually being infected - I haven't installed anything that is not in the official repositories (apart from some GoG games), I always check web pages with Virustotal before visiting them for the first time, I always browse in private mode so caches are cleared on shutdown, and I use uBlock Origin with all included filters on.

  • rpm -pV can verify an individual package on rpm based systems. So a loop over installed packages can tell you if any file installed is incorrect. Will not catch extra files. Commented Mar 22, 2021 at 22:31
  • Thanks for the tip. As a slight addendum, rpm also has the -a option to select all installed packages, so one can run rpm -Va to verify all installed packages in one go. Commented Mar 23, 2021 at 0:05
  • rkhunter checks for some IoCs, but its main feature (checksumming your binaries) will not help you at this point. Commented Mar 23, 2021 at 11:27
  • @Panki Thx for the tip. I had kind of always assumed that using both ClamAV and rkhunter is redundant. But I've been reading up about rkhunter for the last two days and it seems that I was wrong and rkhunter indeed has a few tricks of its own. Though you're right in that checksumming binaries is not relevant in my use case. The only way to make it work without prior property database creation is to instruct rkhunter to use package manager file property verification via the --pkgmgr option. But this is redundant with the aforementioned rpm -Va command. Commented Mar 24, 2021 at 20:06
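The comments above suggest `rpm -Va` as the check, but its raw output mixes harmless drift (changed config files, touched mtimes) with the lines a defender actually cares about. The following is an added example, not code from the question or from any commenter: a small POSIX sh/awk triage filter over the verify output. The sample lines it runs on are constructed here for demonstration, not the output of a real scan, and the function names (`triage_rpm_verify`, `count_suspicious`) are this example's own.

```shell
#!/bin/sh
# Added example: triage `rpm -Va` output so only the lines worth a second
# look remain. Each rpm verify line is: 9 attribute flags (or the word
# "missing"), an optional file-type letter (c=config, d=doc, g=ghost, ...),
# then the path. A "." in a flag position means that attribute matched.
#
# Flags of interest for a malware sanity check:
#   S = size differs, M = mode/permissions differ, 5 = digest differs.
# A lone T (mtime) change is common and not reported here.

triage_rpm_verify() {
    awk '
        {
            flags = $1
            if (NF == 3) { type = $2; path = $3 } else { type = "-"; path = $2 }

            # Config files ("c") legitimately diverge from the package; skip them.
            if (type == "c") { next }

            # A packaged file that is gone entirely is always worth a look.
            if (flags == "missing") { print "MISSING " path; next }

            # Content, size or permission changes on non-config files.
            if (index(flags, "5") || index(flags, "S") || index(flags, "M"))
                print "CHANGED " flags " " path
        }'
}

# Constructed sample verify output (hypothetical package names and paths).
SAMPLE_RPM_VA='S.5....T.  c /etc/ssh/sshd_config
.M.......    /usr/bin/example-tool
S.5....T.    /usr/lib64/libexample.so.1
.......T.  d /usr/share/doc/example/README
missing     /usr/sbin/example-daemon'

# Number of lines the filter keeps from the sample (the value a test checks).
count_suspicious() {
    printf '%s\n' "$SAMPLE_RPM_VA" | triage_rpm_verify | wc -l | tr -d ' '
}

# Stand-alone run: show the filtered sample. On a live system replace the
# sample with:  rpm -Va 2>/dev/null | triage_rpm_verify
printf '%s\n' "$SAMPLE_RPM_VA" | triage_rpm_verify
```

Of the five constructed lines, the filter keeps three: the binary with changed permissions, the shared library whose digest and size differ, and the missing daemon; the modified config file and the doc file with only an mtime change are dropped. As the first comment notes, this only covers files that belong to a package; it says nothing about extra files dropped outside package management.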

1 Answer


You can use Lynis which is a vulnerability detecting and malware scanning tool that scans systems for security information and issues, configuration errors; performs firewall auditing, examines installed software, file integrity, file/directory permissions, etc.

  • Lynis even recommends malware checking software like rkhunter. Commented Apr 23, 2024 at 5:06
