Dump network traffic from your ethernet device eth0 to a text file called mydump. CTRL+c will stop tcpdump (or any console application in the foreground). Review the dump file with vi, cat, gedit or nano for suspicious ports and connections.

Replace eth0 with your ethernet device gathered from ifconfig.