Despite using it since the first v2015 Betas, so far I never bothered to understand better what exactly is checked by the HNS scan… on the website there are no specific details apart a generic:
“Your home network can be attacked just like your PC. With just one click, you can scan your network for potential security issues to help prevent attacks on your routers and network.” ???
I got that one check performed is the router accessibility with or w/o password from internet, but has anybody a better knowledge of the other issues checked (e.g. port scanning, DNS, etc…)?
1. WLAN Encryption.
2. Your network router is accessible from the internet.
3. Devices on your network are accessible from internet.
Nevetheless, it is not clear if other specific router vulnerabilities are checked (maybe according to a definition file that is maintained throught normal UPDATE process). The text: “Your router is vulnerable to hacker attacks” or “Your internet connection is compromised and your router could be hijacked/is already hacked” are pretty generic. For example, as referred in the blog, do HNS check the known Vunerabilities (e.g. the ones published on http://seclists.org/fulldisclosure/2015/May/129 )?
Also would be a help if general common TCP ports were checked to see if default open or closed, preferably stealthed, so the user could at least close any TCP ports open found on their router(s).
This general TCP port scan does not seem to be included in normal HNS scans, seems missing this information that could be helpful in buttoning down/securing a consumer router.
For example, TCP port 4567 found open at GRC website on some Actiontec modem(s)/routers or some ZyXel routers have TCP port 443 found open.