Author Topic: Network Connections made by com.avast.proxy & com.avast.securedns  (Read 1534 times)

0 Members and 1 Guest are viewing this topic.

Offline petrusUS

  • Newbie
  • *
  • Posts: 1
In an attempt to tighten up network messages coming from my iMac to the internet, I am using an app called Little Snitch - https://computers.tutsplus.com/tutorials/how-to-monitor-your-macs-connections-with-little-snitch--mac-47025.  This allows me to set a rule for every network interaction going to or being sent by my Mac.  Once set up, it takes some time to make a decision on every app and port communication.  Once done, there's a heightened level of security on this Mac.

Related to Avast, there are many Avast apps I have licensed.  So I see many alerts  For the 2 Avast processes in the Subject of this message, there are many where there is only an IP address with no DNS name and no indication of what it may be in a reverse DNS lookup that Little Snitch provides when an alert executes.  I am not comfortable with these and the number of them that alert.

For example com.avast.proxy:
- outgoing connections to 13.107.42.14
- outgoing connections to 3.218.191.245
- Allow outgoing connections to 54.239.30.25

Then there's some with DNS info, and I wonder what is being sent to these locations:
- outgoing TCP connections to port 80 (http) in domain avast.com
- outgoing connections to d3g64w74of3jgu.cloudfront.net
- utgoing TCP connections to port 80 (http) in domain xtelligentmedia.com
There's more!  And more for com.avast.securedns

In case you are wondering why I'm being this careful.....I know enough about ransomware to know at some point a message fires off to an internet location to start the process.  Although I use Avast to assist in this, I need to take this further with real-time user feedback.  I don't want to break anything Avast needs.

I am tempted to block these communications.  However, I would like to know what these are.

Any help would be appreciated.