Author Topic: Rogue SSH requests from Wi-Fi Inspector on Avast Free  (Read 545 times)

0 Members and 1 Guest are viewing this topic.

Offline Charlie132

  • Newbie
  • *
  • Posts: 1
Rogue SSH requests from Wi-Fi Inspector on Avast Free
« on: October 12, 2021, 11:40:49 PM »
Noticed 40+ SSH attempts to a FreeNas server from a PC running Avast Free.  Assuming the worse and that the PC had been compromised I air gaped the PC from the network to see if it could be recovered.

After a couple of hours of frantic digging and antivirus scans it looks like the Avast Wi-Fi inspector is basically preforming a dictionary attack of default passwords on all network devices. Has anyone else noticed this before?

Information on the Avast website is vague with what security checks the scanner does but within seconds of starting the scan manually I can see SSH attempts again so reasonably sure this is Avast.

Any info on this would be great. 
« Last Edit: October 13, 2021, 12:35:36 AM by Charlie132 »

Offline NON

  • Japanese User
  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5106
  • Whatever will be, will be.
Re: Rogue SSH requests from Wi-Fi Inspector on Avast Free
« Reply #1 on: October 13, 2021, 03:28:48 AM »
Hello Charlie132, welcome to the forums.

What you described is how Wi-Fi inspector works, checking all devices within the network for known vulnerability, open ports, port availability from the Internet, Wi-Fi encryption and so on.

I suppose these checking include port scanning and a kind of proof-of-concept attacks to check vulnerabilities, so I don't surprise some security measures installed on the network flag these activities as potentially malicious.
« Last Edit: October 13, 2021, 03:30:41 AM by NON »
Main: Win10 Pro 21H2 64bit / Core i5-7400 3.0GHz / 16GB RAM / Avast 22 Premium Beta(Icarus) / Comodo Firewall (testing again)
Mobile: Win10 Pro 21H1 64bit / Core i5-3340M 2.7GHz / 8GB RAM / Avast 21 Free / Windows Firewall Control

Avast の設定について解説しています。よろしければご覧ください。