> tail your network-monitor.txt file to watch for anomalies in the network connections and check for any strange outflows of data
Don't do that, you can't rely on "watch for anomalies" with your human eyes.
Either you set up something that notifies you after the fact, or you outright block all incoming/outgoing connections until you approve them. Mentioned elsewhere I think in the thread, I think both OpenSnitch, Little Snitch and Pi-hole can help you with all of these things.
But don't assume you can "watch for anomalies", automation and/or gated access is probably the way to go.
Indeed OpenSnitch helps, Pi-hole I'm not so sure (maybe if the c2c servers are in a blocklist...):
https://www.reddit.com/r/linux_gaming/comments/1u34pe3/comme...
I thought Pi-hole could act as a "whitelist-only" DNS server but maybe I'm wrong, that could be an additional layer.
> you can't rely on "watch for anomalies" with your human eyes
Yes, I agree, that's a good call. I would not try to check for anomalies manually with meatware. I would parse the data with Python regex tools to establish a baseline and search for anomalous patterns.
I edited my post to reflect the change you suggested.
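Added example, not written by anyone in the thread: one way to do the regex-based baseline mentioned above, so that alerts come from code rather than from someone reading the file. The line format of network-monitor.txt is never shown in the thread, so the format, the function names and the sample lines (documentation IP ranges) are all assumptions.

```python
import re
from collections import defaultdict
from statistics import median

# Assumed line format (constructed; the thread never shows network-monitor.txt):
#   2024-05-01T12:00:00 firefox 192.0.2.10:443 bytes_out=5000
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<proc>\S+)\s+(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d+)"
    r"\s+bytes_out=(?P<out>\d+)$"
)

def parse(lines):
    """Yield (proc, ip, port, bytes_out) for well-formed lines; skip the rest."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            yield m["proc"], m["ip"], int(m["port"]), int(m["out"])

def build_baseline(lines):
    """Map (proc, ip, port) -> bytes_out values seen during a known-good period."""
    baseline = defaultdict(list)
    for proc, ip, port, out in parse(lines):
        baseline[(proc, ip, port)].append(out)
    return baseline

def find_anomalies(baseline, lines, factor=10):
    """Flag destinations new for a process, and outflows far above its median."""
    alerts = []
    for proc, ip, port, out in parse(lines):
        key = (proc, ip, port)
        if key not in baseline:
            alerts.append(("new_destination", proc, f"{ip}:{port}", out))
        elif out > factor * median(baseline[key]):
            alerts.append(("large_outflow", proc, f"{ip}:{port}", out))
    return alerts

# Constructed sample data, not taken from any real capture.
BASELINE_LOG = """\
2024-05-01T12:00:00 firefox 192.0.2.10:443 bytes_out=5000
2024-05-01T12:01:00 firefox 192.0.2.10:443 bytes_out=7000
2024-05-01T12:02:00 firefox 192.0.2.10:443 bytes_out=6000
2024-05-01T12:03:00 launcher 198.51.100.7:27015 bytes_out=900
""".splitlines()
NEW_LOG = """\
2024-05-02T09:00:00 firefox 192.0.2.10:443 bytes_out=6500
2024-05-02T09:01:00 firefox 192.0.2.10:443 bytes_out=900000
2024-05-02T09:02:00 launcher 203.0.113.50:4444 bytes_out=120
this line is malformed and is skipped
""".splitlines()
```

The list returned by `find_anomalies(build_baseline(BASELINE_LOG), NEW_LOG)` is what a notifier would consume; it only reports after the fact and does not replace a per-connection approval gate.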