Author Topic: why dns hijack alert on wifi inspector for the 1st scan on new router only  (Read 2886 times)

0 Members and 1 Guest are viewing this topic.

Offline jraju

  • Sr. Member
  • ****
  • Posts: 395
Re: why dns hijack alert on wifi inspector for the 1st scan on new router only
« Reply #15 on: September 22, 2021, 08:55:33 AM »
Hi, some family members have configured the internet option , dns survey as google dns.
I suppose, that eventhough, dns is configured automatically from my ISP, the setting in the windows ipv4 properties, dns server overtakes the ISP servers and acting as router dns server.
Yes, again removing the google dns in the ipv4 settings, to auto detect, then it shows the router has been hijacked dns alert.
So, means that if any body uses their own ISPs dns server, would receive this alert is it correct.
I do not know, why it cannot suppress and show as not a threat or dns hijack
It seems that it is false positive ok.
give me ideas.

Offline jraju

  • Sr. Member
  • ****
  • Posts: 395
Re: why dns hijack alert on wifi inspector for the 1st scan on new router only
« Reply #16 on: September 23, 2021, 07:45:53 AM »
Hi, So many persons would be using avast antivirus free for longtime and if any one of them scan with wifi inspector, then the scan result is false positive dns hijack.
I do not know, how then one could use avast free antivirus without these bugs.
I hope some avast staff would do the needful in the matter.
I am a long lover of this antivirus as it gives me alerts as it promised.
can I expect a reply in this regard.
Hi, R(a)avast, ofcourse, I tried tracert on some of the scan alert websites.
Yes, the tracert is redirected. I understand.
So, if you use google dns, in the place, then you do not have dns hijack alert, this is because, google dns does not redirect such.
So, if you use ISPs dns, which redirects, then, your dns is hijacked and you need to change the dns to public dns.
what is the logic behind this kind of alerts.
As a regular user of this vastly secured and improved av, May I get a detailed reply
« Last Edit: September 23, 2021, 08:12:08 AM by jraju »

Offline r@vast

  • Avast team
  • Super Poster
  • *
  • Posts: 1832
Re: why dns hijack alert on wifi inspector for the 1st scan on new router only
« Reply #17 on: September 23, 2021, 12:42:44 PM »

Hi,

Are you using a VPN, by any chance?

Offline redwolfe_98

  • Jr. Member
  • **
  • Posts: 94
Re: why dns hijack alert on wifi inspector for the 1st scan on new router only
« Reply #18 on: September 23, 2021, 11:37:23 PM »
I was shown alert of dns hijack and on the solution page, I was asked to uncheck enable ddns in advanced settings , which i did it. On the second scan, it shows no alert
it seems like it was that simple, that you needed to disable "DDNS."

DDNS is disabled by default on my linksys router.

Offline redwolfe_98

  • Jr. Member
  • **
  • Posts: 94
Re: why dns hijack alert on wifi inspector for the 1st scan on new router only
« Reply #19 on: September 24, 2021, 12:04:15 AM »
So, if you use ISPs dns, which redirects, then, your dns is hijacked and you need to change the dns to public dns
i don't think that it has anything to do with which DNS servers you use. rather, it has to do with whether or not "DDNS" is enabled.

if you need to have DDNS enabled, i imagine that there is an option to set the avast program to ignore the issue, where it will not generate an alert about DDNS being enabled.


Offline jraju

  • Sr. Member
  • ****
  • Posts: 395
Re: why dns hijack alert on wifi inspector for the 1st scan on new router only
« Reply #20 on: September 24, 2021, 08:27:43 AM »
Hi, R(a)vast,
I do not use any vpn . I only use firefox for most of the time.
could you let me tell how could I check it , if any vpn is used by me or made to used by me.
I never use vpn.
Could I know, why I am asked this.
i checked my ext. ip in whatismyproxy website and the result is
"Do Not Track" Setting:

Do not track is not enabled in your browser
« Last Edit: September 24, 2021, 08:58:28 AM by jraju »

Offline jraju

  • Sr. Member
  • ****
  • Posts: 395
Re: why dns hijack alert on wifi inspector for the 1st scan on new router only
« Reply #21 on: September 24, 2021, 08:36:35 AM »
Hi, redwolfe,
       I already tried to uncheck the enable button on my ddns page in router.
Even when i unchecked , it is getting checked i.e enabled on reboot of router.
Moreover, when I bought this to my dlink ccexecutive, he says, that ddns is not configured in my router, as there is no entry in the down portion of the page, I enclose herewith.
       Since the connection of pppoe1 is the mode, it is there in the box. I could not see, any other entries in the down portion, as I have not enabled anything.
         You say that is disabled in your router.
         But what that has to do with my alerts , please say..
your quote:
f you need to have DDNS enabled, i imagine that there is an option to set the avast program to ignore the issue, where it will not generate an alert about DDNS being enabled.
Do you mean to say, that alert from avast is for the ddns and not dns.
If it is already enabled, which i think, is not up to now, how to disable my ddns.




         
« Last Edit: September 24, 2021, 08:58:04 AM by jraju »

Offline r@vast

  • Avast team
  • Super Poster
  • *
  • Posts: 1832
Re: why dns hijack alert on wifi inspector for the 1st scan on new router only
« Reply #22 on: September 24, 2021, 03:36:09 PM »
Hi, R(a)vast,
I do not use any vpn . I only use firefox for most of the time.

Hi,

Thank you for the clarification. This is a bug and our developers are working on a fix.

Offline jraju

  • Sr. Member
  • ****
  • Posts: 395
Re: why dns hijack alert on wifi inspector for the 1st scan on new router only
« Reply #23 on: September 25, 2021, 01:54:05 PM »
Hi, red wolf,
         Do I have enabled the ddns? from the above picture please tell.
         I do not have any dlink free ddns account and I never use
         But I could not just remove the enabled tick permanently from the page, as it comes back on reboot of router.
         Expecting your reply on this ddns matter.
         Moreover, Dlink stops the ddns service in the year 2020 june or july I suppose,

Offline jraju

  • Sr. Member
  • ****
  • Posts: 395
Re: why dns hijack alert on wifi inspector for the 1st scan on new router only
« Reply #24 on: September 29, 2021, 06:52:41 AM »
Hi,

             has the bug been fixed in avast software. Could the avast team say, what is the bug in connection with this subject on wifi inspector? would be glad to know the technical details.
             
               
             
« Last Edit: September 29, 2021, 06:55:51 AM by jraju »

Offline jraju

  • Sr. Member
  • ****
  • Posts: 395
Re: why dns hijack alert on wifi inspector for the 1st scan on new router only
« Reply #25 on: October 02, 2021, 05:10:52 AM »
Hi,

     Is it that the wifi inspector scan scans some selected suspicious sites as avast things as suspicious and if any secured redirects are there, then it flags it as a compromised website, as it redirects, and flag it as dns hijacked?
     If you have a secured dns server for some security purposes, then , it will alert as dns hijack otherwise, it will not?
     If there is no secured redirect and if the websites are not redirecting , then it is showing as no vulnerability? like public dns , google dns, opendns etc..
      So, the websites that avast chooses only gets scanned in wifi inspector? is it not correct? Probably users would have sent the list of websites .
       I expect a clear and detailed reply on the above, as it is not only affecting a single individual but so many users.
 

Offline r@vast

  • Avast team
  • Super Poster
  • *
  • Posts: 1832
Re: why dns hijack alert on wifi inspector for the 1st scan on new router only
« Reply #26 on: October 04, 2021, 04:48:20 PM »
Hi,

             has the bug been fixed in avast software. Could the avast team say, what is the bug in connection with this subject on wifi inspector? would be glad to know the technical details.
             
               
           


Hi,

The issue has been fixed and will be realised in the next AV program update (version 21.9).

Offline jraju

  • Sr. Member
  • ****
  • Posts: 395
Re: why dns hijack alert on wifi inspector for the 1st scan on new router only
« Reply #27 on: October 05, 2021, 03:56:04 AM »
Hi, r@vast,
Thanks . But you could have given something about the bug.usually avast users log gives the clue to the bug.
can I presume that now genuine and secured dns redirects will be exempted from dns hijack alerts. Believe me, that I thought of discontinuing avast for good when it was said to be compromized with a security  lapse years back but avast wouldn't leave me, as I am familiar with most of the individual menus that this av has.The quick fix of avast , as promised a re-look and I am reporting any issue.
please give clue about the bug.  Happy that avast looks at user concern and acknowledging the issues.