Avast AvastSvc.exe Lots of UDP 53 and 443 sessions over WAN

Why does Avast connect to almost 700 different sessions during a new network connection to the internet over UDP ports 53 and 443? Also, they are all over the world… Turkey, China, Russia, Poland… How do I stop or limit this behavior? It seriously opens about 700 sessions on connection to IPs across the globe.

178.18.201.98
ist84-001.ff.avast.com - Turkey

93.93.67.140
mad81-002.ff.avast.com

93.93.68.18
mad81-003.ff.avast.com

62.210.203.107
par06.ff.avast.com

195.154.167.241
par05.ff.avast.com

193.218.154.52
waw81-002.ff.avast.com - Poland

95.213.183.138
led81-005.ff.avast.com

195.78.228.148
mad81-004.ff.avast.com - Spain

Is Avast also responsible for the many connections to RIPE?

168.1.69.109
RIPE Network Coordination Centre
P.O. Box 10096
Amsterdam, 1001EB
NETHERLANDS

SoftLayer Technologies
158.85.77.190

SoftLayer - Hong Kong
119.81.145.166
AVAST SOFTWARE S.R.O.
NETBLK-SOFTLAYER-APNIC-CUST-OR20-AP
CZECH REPUBLIC

softlayer.com - Japan
161.202.108.196
RaidCall (HK) Limited
NETBLK-SOFTLAYER-RIPE-CUST-SL10450-RIPE
CHINA

etc

The number of connections / sessions is ridiculous. I got tired of looking them up.

Thanks!

Hi,
UDP port 53 is used for DNS - name resolution. Avast may query names for several of its services, and since we run many data centers all over the world, it may be more than just a few. If we are talking about UDP and port 53, these are most probably not connections/sessions, but just DNS requests.

Which program do you use to display these sessions?

Thanks.
lukas

Check these topics:

https://forum.avast.com/index.php?topic=161952
https://forum.avast.com/index.php?topic=173791

Well that is going to be a problem for anyone doing Geography based firewall rules. You can’t use Avast if you only connect to the United States. That’s what I’ve seen here. That’s not very inclusive.

I can’t even view my account because Avast is trying to go to the Netherlands and Czech Republic for 5.45.62.70:443. You need to make sure people with Geo blocking at their main firewall can still run Avast within their own country.

Also, I’ve had to disable your “Secure DNS” as Avast stopped connecting to Adobe.com earlier today… probably because I’m going outside the United States YET AGAIN to get my DNS. That’s not very safe in my opinion. I know they are your servers, but you should have servers based wherever your customers are located handling the local traffic, not overseas.

FYI - Firewalls now do Geo based blocking. I am using a Fortinet firewall. I am only allowing United States based IPs etc. I had to create a special rule just to access your forum. You should strongly consider giving customers the option to access locally region based servers only.

Please let me know how I configure Avast to stay in the United States IP / DNS / Range and still access Avast “Secure DNS” / “Account” etc.

Also, please let me know all of the Avast FQDN names and IP ranges for my FORTINET firewall rules so I can update avast, use the secure dns and use Avast in general.

Thanks!

UPDATE: “SecDns.csv” has 183 entries. I need all the FQDNs for Avast and all the IPs or IP ranges please.

UPDATE 2: adding my.avast.com, ipm-provider.ff.avast.com, static.avast.com but need 100% please.

UPDATE 3: Still no luck accessing www.adobe.com with “Secure DNS” enabled… please advise FQDN names or IP ranges and subnets please.

FYI - This message was from Avast Support after asking for United States ONLY IPs for Avast:

“Our IP range is 91.213.40 - 48.0 - 255. I hope this helps. Please let me know if I can be any further assistance.”

So, I believe they were saying IPs like 91.213.40.1 were in that range… which resolves to Hungary (Outside U.S.)

http://ipaddress.is/91.213.40.1

Anyone know of IPs for Avast within U.S. ONLY?

FYI - I am using a Fortinet Firewall and I go to the main console and click “Sessions” There I can see all the Avast connections all over the world… although sadly, that’s NOT really what I want happening…

Verified the recommended Avast IP List with Avast Tech Support… but this doesn’t help really, a ton of these are outside the U.S.

91.213.40.0/255
91.213.41.0/255
91.213.42.0/255
91.213.43.0/255
91.213.44.0/255
91.213.45.0/255
91.213.46.0/255
91.213.47.0/255
91.213.48.0/255


Yes, exactly. That’s the right list.


Best regards,

Jevhenij Zacharčenko

AVAST Software s.r.o.
Budejovická 1518/13A
140 00 Prague, Czech Republic
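Added example, not part of any post in this thread: the range quoted from Avast Support ("91.213.40 - 48.0 - 255") collapsed into CIDR blocks that a firewall address object can hold, then checked against the addresses the poster reported from the session table. It assumes the quoted range means third octet 40 to 48 and fourth octet 0 to 255; the function names are hypothetical.

```python
import ipaddress

# Range as quoted from Avast Support in this thread: "91.213.40 - 48.0 - 255".
# Assumption: third octet 40..48 inclusive, fourth octet 0..255.
FIRST = ipaddress.IPv4Address("91.213.40.0")
LAST = ipaddress.IPv4Address("91.213.48.255")

# Addresses copied from the posts above (firewall session table and 5.45.62.70).
OBSERVED = [
    "178.18.201.98", "93.93.67.140", "93.93.68.18", "62.210.203.107",
    "195.154.167.241", "193.218.154.52", "95.213.183.138", "195.78.228.148",
    "5.45.62.70",
]


def allowlist_cidrs(first=FIRST, last=LAST):
    """Collapse the inclusive address range into the fewest CIDR blocks."""
    return list(ipaddress.summarize_address_range(first, last))


def uncovered(addresses, networks):
    """Return the addresses that no allow-listed network contains."""
    missing = []
    for addr in addresses:
        ip = ipaddress.ip_address(addr)
        if not any(ip in net for net in networks):
            missing.append(addr)
    return missing


if __name__ == "__main__":
    nets = allowlist_cidrs()
    for net in nets:
        # Print both CIDR and dotted netmask forms for the firewall object.
        print(f"{net}  netmask {net.netmask}")
    missing = uncovered(OBSERVED, nets)
    print(f"{len(missing)} of {len(OBSERVED)} observed addresses are outside the range:")
    for addr in missing:
        print(f"  {addr}")
```

None of the addresses reported in the thread fall inside the quoted range, so an allow rule built from that range alone would not cover the traffic the poster observed.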

Yeah, this isn’t that good, you can’t have Avast and only connect to United States servers. So much for Geo Blocking on Fortinet.

I highly doubt you can do that for any AV. Remember this is no longer a one country market.
We live in a global market. Avast is headquartered in Prague in the Czech Republic.

Yeah, and if they were all over the world in a “global market” that means you’d have servers in each country you could point to. People are going to start Geo Blocking. I suggest you get used to that. You can’t have INSIDE > Any. It’s just too unsafe.

You’re entitled to your opinion. :)