Author Topic: Avast Business triggering IPS DNS.Invalid.OPcode (Read 2202 times)

hillen · « **on:** May 31, 2018, 02:45:15 PM »

We have begun migrating over to the Avast Business Pro and I have about a half dozen machines triggering our IPS system with DNS.Invalid.OPcode as they attempt to hit vpn-gw-prod-004-tor0-sfl.ff.avast.com, vpn-gw-prod-003.mil0-sfl.ff.avast.com, vpn-gw=prod-006-tor0-sfl-ff-avast.com, etc.

Providing a sample of the trigger.

Question is, is Avast doing something non-standard with DNS or could this be a false positive. We did not see anything like this when using Endpoint Security Suite.

Paul

hillen · « **Reply #1 on:** May 31, 2018, 07:28:29 PM »

Anyone interested - it is the SecureLine VPN contacting home. Still not sure what it is doing behind the scenes to trigger the IPS event, but we removed it from our systems and the situation is now gone.

-Paul

Author Topic: Avast Business triggering IPS DNS.Invalid.OPcode (Read 2202 times)

hillen

Avast Business triggering IPS DNS.Invalid.OPcode

hillen

Re: Avast Business triggering IPS DNS.Invalid.OPcode