Author Topic: Avast network scan - incorrect results ?  (Read 12158 times)

0 Members and 1 Guest are viewing this topic.

Offline MartinZ

  • Advanced Poster
  • **
  • Posts: 1057
  • Product Manager
Re: Avast network scan - incorrect results ?
« Reply #15 on: March 13, 2017, 11:15:16 AM »
Same thing happened to me on my home router.

Avast claimed that I have a weak router password. So I was like haha, what a bullshit I am not stupid and have strong password. But then I looked to the log file and realized that my router has another user/user. ;-)

So I changed that one as well. I am afraid it's configured by the manufacturer. It has less rights, but still can turn on/off wifi etc..

Offline =Snake=

  • Still using Avast Free!
  • Maybe Bot
  • ***
  • Posts: 17412
Re: Avast network scan - incorrect results ?
« Reply #16 on: March 13, 2017, 01:44:49 PM »
I am afraid it's configured by the manufacturer.
Hi Martin!

Well, I don't think so, it's Avast please see https://forum.avast.com/index.php?topic=197896.0!
And I have a router with no username and same result: admin, admin!!!

But the worst is this:
The network scan as part of Smart-Scan told me, that my router is ok. But the HNS-scan means, my router isn't configuered quite right and I have a WEAK_PW!!!


I'm waiting for a fix since Dec, sent pm to lukor twice, no answer, but since March 3 I contacted KL by pm and he promised to help (talking to the devs). Since then, I'm still waiting.
 >:(
=Snake=

« Last Edit: March 13, 2017, 03:26:19 PM by =Snake= »
Desktops: AMD LE1620, W7 ult SP1 [x86] | IP-4, XP pro SP3[x86] | Intel Celeron, W7 ult SP1 [x86] | AMD-Athlon 1800+, XP pro SP3, [x86] in WL |
Laptops:   HP G72 , W10 Home [x64]  v22H2 (Build 19045.2728) | Acer Aspire ES1-131, W10 Home [x64] v1511 (Build 10586.1106)|
Firefox ESR [AOS,NS,uBO,uMatrix],Thunderbird,MCShield,CCleaner,Defraggler,MBAM Free,MBAE, Avast Free Antivirus|

Offline bluto32

  • Newbie
  • *
  • Posts: 14
Re: Avast network scan - incorrect results ?
« Reply #17 on: August 23, 2017, 04:01:23 PM »
Looks like I have a similar issue with my modem/router: TP-Link TD-W9970.

When running a network scan with Avast Free, I initially got two warning messages:

1) Weak service password
2) Weak wifi password

The latter was fair enough, and has gone away now that I have changed the wifi password on my router.

But the first is wrong, claiming that my login and password are both "admin". These were the default values which I have already changed to less obvious things. I have just checked that admin/admin does not log into my router, so I am not sure why Avast is giving this warning.

Bluto

« Last Edit: August 23, 2017, 07:47:22 PM by bluto32 »

Offline WK_schnarfl

  • Jr. Member
  • **
  • Posts: 24
Re: Avast network scan - incorrect results ?
« Reply #18 on: August 24, 2017, 12:44:03 PM »
Ok, I too have a TP-Link Wi-Fi Card, a modem-router from ARRIS (motorola) and AVAST.  Same false positive result.  AVAST states my router is vulnerable, because it can be "accessed by my ISP".   Now, clearly, if my ISP (MIDCO) could not communicate with my modem router, then certainly could not even type these very words.   

Same old security problem:  If something is allowed to go from here to there, then something else might tag along without a permit.  I don't know how to fix this,
one either is overprotective, or not protective enough.   But meanwhile, AVAST should slightly expand its "whitelist.

Thanks
 

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31081
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Avast network scan - incorrect results ?
« Reply #19 on: August 24, 2017, 12:50:38 PM »
You clearly don't understand things.
Having a connection and a ISP that can access the router are two different things.
The last one means your ISP can access the router settings (and likely also the OS).

No, things like this should never be "whitelisted" as it is a security risk.
If your ISP can access the router settings, so can bad guys.

Offline bluto32

  • Newbie
  • *
  • Posts: 14
Re: Avast network scan - incorrect results ?
« Reply #20 on: August 27, 2017, 10:12:59 PM »
WK_schnarfl and Eddy - many thanks for replying.

The warning I referred to is different to WK_schnarfl's: there is nothing about ISPs in mine.

Here is what Avast tells me:

Description
A service on this device has a weak or default password. This is very dangerous situation, because factory-default usernames and passwords are often used by hackers and cybercriminals.
Catalogue ID HNS-WEAK-PASS
Username:
●●●●●●●●admin
Password:
●●●●●●●●admin
Details
Risks
Attackers can access and control a service on this device.
Solutions
Change the access password for this service.


I believe this is a false warning (i.e. a bug) rather than a "false positive" as such, since the admin/admin combo does not log in to my router. It did originally when I first bought it, but I have since changed my login and password. I have just tested admin/admin again, and as expected it does not work. Thus it is a mystery why Avast thinks that there is a weak password here.

Bluto

REDACTED

  • Guest
Re: Avast network scan - incorrect results ?
« Reply #21 on: September 03, 2017, 11:32:28 PM »
first, i've always had strong passwords for both admin and wifi

security warning was driving me crazy so i've spent hours looking for some answers, done a factory reset, updated my firmware btw, set all new passwords for admin and for wifi, new SSIDs etc, double checked all my settings etc

everything is perfect

avast still says my pass is admin admin. shut up avast, you're drunk.



edit: i've also tried the router's telnet interface to see if there's some hidden telnet account still set to admin admin, but no.
« Last Edit: September 04, 2017, 01:18:59 AM by miwoj »

REDACTED

  • Guest
Re: Avast network scan - incorrect results ?
« Reply #22 on: September 04, 2017, 01:17:45 AM »
FOUND IT! Damn i'm good 8). It's not a bug and avast was right all along.

Here, the cause and the solution:

It's router's internal FTP Server.
Like most people I've never used it and i've forgot it's even there.



This is the service with a weak password from the warning.
FTP Server has it's own separate user authentication and it's own admin, that you've probably never gave a proper password.

If you use this ftp server, set a new password here. If not, just disable entire thing.

And done, everything is secure and avast is happy.




Oh, and btw Avast, SOME BETTER DESCRIPTIONS TO YOUR WARNINGS WOULD BE NICE IN THE FUTURE.


« Last Edit: September 04, 2017, 01:32:46 AM by miwoj »

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31081
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Avast network scan - incorrect results ?
« Reply #23 on: September 04, 2017, 06:15:33 AM »
Some routers have a password backup option.
Disable it or avast can flag it.

Offline bluto32

  • Newbie
  • *
  • Posts: 14
Re: Avast network scan - incorrect results ?
« Reply #24 on: September 05, 2017, 11:19:55 PM »
Good detective work, miwoj!

That fixed it for me, too. I agree that Avast's warning is deceptive (it should mention the FTP server username/password), but at least it picked up a potential security problem for which I am grateful.

Out of interest, what could a hacker access if they had your IP address and managed to log into the FTP server of a TP-Link router using admin/admin? The FTP settings are under the heading "USB Settings". Does this mean that a hacker could nab any data on a connected USB hard disk?

Bluto

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31081
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Avast network scan - incorrect results ?
« Reply #25 on: September 05, 2017, 11:29:20 PM »
This should give a good idea on what could be accessed :
http://www.tp-link.com/us/faq-341.html

Offline bluto32

  • Newbie
  • *
  • Posts: 14
Re: Avast network scan - incorrect results ?
« Reply #26 on: September 05, 2017, 11:41:35 PM »
Thanks for the link, Eddy.
Bluto

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31081
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Avast network scan - incorrect results ?
« Reply #27 on: September 05, 2017, 11:59:03 PM »
You're welcome.

Keep in mind that it depends on settings what exactly can be accessed.