Home Network Security

Despite using it since the first v2015 Betas, so far I never bothered to understand better what exactly is checked by the HNS scan… on the website there are no specific details apart a generic:

“Your home network can be attacked just like your PC. With just one click, you can scan your network for potential security issues to help prevent attacks on your routers and network.” ???

I got that one check performed is the router accessibility with or w/o password from internet, but has anybody a better knowledge of the other issues checked (e.g. port scanning, DNS, etc…)?

does this give some answers?
https://blog.avast.com/2014/11/04/avast-2015-new-feature-home-network-security-scanning/

some additional stuff https://blog.avast.com/tag/home-network-security/

Thanks for the info, it helped a little indeed. :slight_smile:

Summarizing, for sure it checks:

1. WLAN Encryption.
2. Your network router is accessible from the internet.
3. Devices on your network are accessible from internet.

Nevetheless, it is not clear if other specific router vulnerabilities are checked (maybe according to a definition file that is maintained throught normal UPDATE process). The text: “Your router is vulnerable to hacker attacks” or “Your internet connection is compromised and your router could be hijacked/is already hacked” are pretty generic. For example, as referred in the blog, do HNS check the known Vunerabilities (e.g. the ones published on http://seclists.org/fulldisclosure/2015/May/129 )?

Hi,

plus we also check:

  1. If your router has some default or simple password
  2. Some vulnerabilities for specific routers (rom-0 etc…)
  3. Checking your DNS server settings if it’s not hijacked

Starnge, but avast said that my home network is secured, he didn’t found that I have a default login and password.

OS: Windows 10 x86 Pro build 10240
Avast latest stable version
router manufacture: TP-Link

Also would be a help if general common TCP ports were checked to see if default open or closed, preferably stealthed, so the user could at least close any TCP ports open found on their router(s).

This general TCP port scan does not seem to be included in normal HNS scans, seems missing this information that could be helpful in buttoning down/securing a consumer router.

For example, TCP port 4567 found open at GRC website on some Actiontec modem(s)/routers or some ZyXel routers have TCP port 443 found open.