Menu
What's new
By:
Filters Better Search

AC88U AiProtection tells me my NAS is infected, really?! How to dig into it?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

J

Jerom7

Occasional Visitor
Hi gang,

I just upgraded my N66U and bought a second hand AC88U : Merlin, speed and AiProtection were the selling points...
(Fyi, I did try a Linksys 1900acs first but stock firmware is crap and I did not have the courage to learn OpenWrt/Lede.
The rock-solid N66U with 374 LTS John's fork should be turned into a media bridge but I'm working on it, not just there yet - no HW accelaration is my next step, after checking other posts...)

After some AC88U tweaking, DFS 5Ghz trouble, flashing 384.19 (from stock 384_81116) & resets - I am now tracking this message from AiProtection Two-Way intrusion :



3 hits every 15 minutes from my dlink old NAS even after stopping Transmission BT...

Is it a "false positive" as often?
How can I get detailed log, did you track such warning?

I know this DNS-320L NAS is outdated and not 100% secure anymore, but never thought it could get infected as I never opened it to outside networks... (Encrypted BT can get hackers knock at your door?!) Was I wrong?

Thanks again to Eric, John, L&LD and all other contributors for all their work, posts & help provided here,

Cheers,
 
I don't want to state the obvious, but have you run a full malwarebytes with rootkits enabled and/or hitman pro scan accross your nas to see if it picks anything up ?
 
Nope I did not indeed o_O, NAS only having media files, no executable.
And Linux flavor so anemic on DNS-320L: dual 1000mhz Marvell CPU 256 Mb RAM :p (less than wifi router, lol)

I'll try and run Sophos on it (2016 though is latest build) : http://dlink.vtverdohleb.org.ua/Add-On/index.php

Thanks!

P.S. Found also some posts in the meantime /will dig into these... VPN, reset my NAS firmware? (/ditch it for a Synology), etc.
https://www.snbforums.com/threads/trend-micro-two-way-ips-hits.43207/
www.snbforums.com

TWO WAY IPS AIPROTECTION

Hi, I'm new to the forum and i'm really seeking help in the same matter as above , my router is Asus DSL-AC68U and since the latest firmware update from Asus and the implement of the new AIProtection interface from trend micro that let us see the attackers and assuring us lol that they are...
www.snbforums.com www.snbforums.com
...
 
You must log in or register to reply here.
Similar threads
Thread starter Title Forum Replies Date
dragon31337 Can't add AC88U as wired AI Mesh to AC5300 Asuswrt-Merlin 13
S [AC88U] How to connect 2 separated networks into 1 VLAN Asuswrt-Merlin 2
D RT-AC88U with firmware Merlin 386.12 reboots with most settings wiped Asuswrt-Merlin 13
Z RT-AC88U Link Aggregation Asuswrt-Merlin 0
StephanK RT-AC88U / Kill Switch Asuswrt-Merlin 18
W Latest firmware 388.7 for AX88U and AX11000 and 386.13 for AC88U Asuswrt-Merlin 3
R RT-AC88U on Merlin 386.12_4 Wifi Button turn off Wifi Scheduler Asuswrt-Merlin 0
S AC88U stopped working with Merlin Asuswrt-Merlin 7
BeKozGaming [RT-AC88U][386.12_4] "backup_jffs.tar Failed - Virus detected" Error saving JFFS partition: Trojan:Script/Wacatac.B!ml Asuswrt-Merlin 11
V Can AIProtection be disabled? Asuswrt-Merlin 7

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 605 (members: 10, guests: 595)
Top