I have been getting hundreds of alerts notifying me of SMB:BruteForce Remote Access attempts.

It has been coming from another machine of mine however the attempt is listed as coming from the local link ipv6 address (fe80::…).

Attempting to access file sharing from said computer causes the alert, and the shared folders do not show up in Network. (but it has also been doing it autonomically for days with no input from the user)

When I disabled the RAS, and attempted to connect to the shared folders again, it prompted with the credential popup as it should.

Now when I turned the RAS back on, it shows one of the other computer’s temporary ipv6 addresses (2601:…) instead and shows it as “allowed”.

Remote access is disabled on both machines, so why is this triggering the RAS?

And how do I fix this so it will not trigger the alert? I do not see a way to allow or block connection attempts from a particular IP or range, which makes the whole thing pretty pointless afaict.

Thank you!

→ https://forum.avast.com/index.php?topic=235069.0

A lot of these links are now broken, WTF Avast, such behavior does not in any way instill confidence in me towards your company.

Maybe Avast should have kept a read-only Archive of the old forum where links would still work.
Anyhow, trying to restart a 4 year old thread is not a great idea.

I suggest you post a new item maybe here: Viruses and worms - Avast Community
That is where I have seen similar reports of Brute Force attempts.

Or search the new community for “BruteForce”