Avast Internet Security:  False positives with Home Network scan

system · 2015-04-10T16:20:55.000Z

Is my my particular network configuration is causing false positives.

I have Avast Internet Security. I have used the “home network scan” a couple of times. It gives me false positives that end up wasting my time. I go through and check all my browser settings, and they are already configured correctly.

There is a Note in the instructions from Avast: In some specific cases, this alert may be a false positive. The false positive can be caused by port forwarding configured by another service (such as the Xbox gaming system).

I do not have Xbox or other gaming system. However, my setup is non-standard: modem connects to hard-wire only router (Linksys RV042). I then have another modem hardwired to the RV042 that is a wireless router. But I have it set up only as a wireless access point. I.e., the RV042 is doing all the routing (DHCP etc). My laptop (running the network scan) connects wirelessly to the access point.

When I run the Home Network scan, I get fales positives for :

Your router is accessible from the Internet.
Your router is infected (I think that was dealing with DNS setup)
Your wireless network is not secure
Your network router is set to a weak password
Your network router is accessible from the internet
Your router is vulnerable to hacker attacks
Your network devices are not protected

As stated earlier, these are all false positives. I checked them and settings were already correct (my friend who installed it is a professional). I thought maybe it was only testing the wireless access device (since it’s a reconfigured router), but when I click on the link to go to the router settings, it takes me to the RV042 device.

So, are these false positives from my configuration, a software problem, or something else?

Thank you for your consideration!

system · 2015-04-12T10:40:35.000Z

Hi,

I’m having a very similar issue. Lots of false positive warnings which when I check my router settings, do not make sense (e.g. remote access already disabled, correct DNS settings etc).

I also have a slightly non-standard set up with a router connected to a patch panel/network switch which might be contributing to the problem.

Is there a way of independently checking (external) vulnerability? Another (trustworthy) third party website?

EDIT: I’ve also got a Home DVR CCTV setup which has external web access enabled (doh). I’m going to try disabling this (web access element) and see if this clears any of the ‘false positives’.

EDIT2: Yep - simply switching the CCTV DVR off at the wall and re-scanning has given an ‘all clear’ (“Congrats - your home netwrk is well secured”), so it seemed this was the source of the security alerts. The work around for me will prob be to permanantly disable the web access element of the DVR to maintain security and minimise further alerts). Hope this helps.

system · 2017-08-25T20:20:38.000Z

Similar issue on Nighthawk R8000. Firmware Avast recommends is outdated. Instructions are obscure and already configured. Then below instructions are screenshots unrelated to instructions about setting a static IP address.

I have a AT&T modem in “Bridge” mode that may be contributing to the issue, but unsure. Bridge mode for AT&T is essentially a DMZ with all filtering turned off.

Any thoughts?

chrisl4 · 2017-09-12T02:21:51.000Z

I have the same issue on my NetGear R8000. AVAST says “Your device is not configured correctly.”

Description: Service is vulnerable to attacks from within your network.; Catalogue ID CVE-2017-5521 ; Our scan has found that your router is vulnerable to attacks.

It recommends https://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability as a solution but that shows FIRMWARE R8000-V1.0.3.36_1.1.25.chk. I have Firmware Version V1.0.3.54_1.1.37.

Announcements