Hey Guys,
I found the bug…
My Issues:
AVG Internet Security blocking allowed, legit LAN connections in remote access shield
Flagged as - SMB: Brute Force Attempt
Disable "Enable Samba protection" in Remote Access Shield to Fix it, it's classifying SMB as Samba…
Let's get on the ball AVG, this is an unacceptable bug!!!
I have the same problem. There are two Windows 10 PC's on my network which have shares with a Windows 10 PC. Just one of the Windows 10 PC's connects OK, but the other is blocked, with the same "Incoming connection blocked" pop-up repeatedly appearing. I've tried adding "trusted network" IP addresses as suggested by Rakshith Rajkumar, but without success (maybe a reboot is required?).
The only thing that has stopped the blocking is to turn off "Remote Access Shield" altogether. Not ideal, but at least I can now get access.
Any clues on how to fix this without compromising the "Remote Access Shield"?
Hello Loredano,
If you connect your device to another PC when you use AVG program, you need to add that PC IP address in alllowed list of AVG Internet Security program. If you did not add in allowed list, AVG will notify about untrusted site.
Hence, we request you to add other PC IP address to AVG Internet Security by following our previous steps and let us know the status.
If your PC have any threats or issues, AVG will check and notify you. Thank you.
I've never disable it because i worry about this bruteforce attack
I've click "Do not show again" only.
You think, that this smb brute force attack will be repaired when i reinstall AVG?
Hi Loredano,
We will check this for you.
Could you share us the screenshot of the error message?
Refer this article for the steps to capture the screenshot : https://bit.ly/2Y6RCDP
You can post the screenshot here in your topic. Click on 'Answer' & then click on the 'Image' [mountain symbol] & follow the instructions.
Sure, Loredano.
You can post the screenshot at any time. We are available round the clock.
I have the same problem with a home network WITHOUT remote desktop permissions. One laptop repeatedly reports it is under attack from a PC on the network.
I don't have time to add every dynamic IP address PC on the network to this list. Solution: uninstall AVG firewall and use the Windows one instead.
Hi,
We have few PCs in office.
All PCs are connected to the same LAN, Windows 8-10 and latest AVG Internet Seciuryty.
All PCs are scnned.
On one of PCs (192.168.1.200) AVG show warning that another PC in LAN (192.168.1.211) are trying to smb brute force attack - incoming remote desktop connection are blocked:
Imgur: The magic of the Internet
List of all tries:
Imgur: The magic of the Internet
I check 192.168.1.211 and
- remote access and help turned off
- samba in windows features turned off
- no AVG warnings
Please AVG, could you help us?
Greetings,
Artur
Sure, Loredano.
You can post the screenshot at any time. We are available round the clock.
…so the question is: how to check if i am under attack from Remote desktop?
I've never disable it because i worry about this bruteforce attack
I've click "Do not show again" only.
You think, that this smb brute force attack will be repaired when i reinstall AVG?
We understand your concern, Arthur.
We request you to repair your AVG Internet Security, not reinstall it.
Refer to this article to repair your AVG Internet Security.
If the issue still persists after the repair, kindly disable your Remote Access Shield temporarily & check for the issue.
Thank you for understanding. Keep us updated.
Hi Peter,
We're glad to look into this & help you.
It isn't recommended to disable Remote access shield. Please restart your computer once after excluding the IP address & check.
If issue persists, please write back to us in your own post to investigate further on this.
Thank you for your understanding in advance!
Hi Loredano,
We will check this for you.
Could you share us the screenshot of the error message?
Refer this article for the steps to capture the screenshot : https://bit.ly/2Y6RCDP
You can post the screenshot here in your topic. Click on 'Answer' & then click on the 'Image' [mountain symbol] & follow the instructions.
I don't have time to add every dynamic IP address PC on the network to this list. Solution: uninstall AVG firewall and use the Windows one instead.
Hello Michael,
Thank you for replying.
We are sorry for the trouble caused.
Please update the recent version and check the status.
Thank you and keep us updated.
Hi,
I have similar problem:
- 1 workstation, 2 node on windows10 64bit.
AVG shows waring of smb brute force attack from one node,
this happens when the node start to comunicate with workstation with Distribute Render plugin.
thanks
Thank you Avinash for answer,
the problem for me is IF "the connection is trusted"
Regards
Loredano
Hello Arthur,
We'll certainly look into this and help you.
Could you let us know if you kept receiving the threat pop-ups after disabling the Remote Access Shield?
Also, you can repair your AVG Internet Security once & check if that helps.
Refer to this article to repair your AVG Internet Security.
Thanks in advance. Keep us updated.