Author Topic: TCP (TLS) sequence number error in Avast and possible AVG  (Read 1189 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
TCP (TLS) sequence number error in Avast and possible AVG
« on: April 21, 2017, 10:23:08 AM »
When the host sends an TLSv1 Encrypted Alert message, including a “Next Sequence Number” X, the client will return an acknowledge packet with an ACK value of X-1
When disabling the WebShield, the corresponding ACK packet will use the value X as it should, so the problem is related to Avast
When the host is using a NetScaler as loadballancer v10.1, it will not accept the package causing the tcp session to be broken.

REDACTED

  • Guest
Re: TCP (TLS) sequence number error in Avast and possible AVG
« Reply #1 on: April 21, 2017, 08:09:35 PM »
We are seeing similar behavior against our Netscaler gateways running 11.1 code. We attempted to contact Avast about the issue but they aren't responding. We noticed this behavior roughly 2 weeks ago. Right now our workaround is to have external users remove the product from their machines and install another product.


Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37613
  • Not a avast user
Re: TCP (TLS) sequence number error in Avast and possible AVG
« Reply #2 on: April 21, 2017, 08:23:40 PM »
Quote
We noticed this behavior roughly 2 weeks ago.
Could it be related to the firewall / Portscan bug ?  (I think a fix has been released today?)

if so you may try

Turn off port scan

Avast UI -> Protection -> Firewall -> Settings -> Advanced -> Uncheck "Enable automatic port scan detection"





« Last Edit: April 21, 2017, 08:27:09 PM by Pondus »