can the router settings be changed by virus? If it is secured by ISP

[jraju]

Hi, Long time no see to this topic.
                    To Shane, boggins and samson:
                         The avast scan showed vulnerability and i tried with whatever i could do, but still vulnerabilities.
                            Then i thought of downloading the zone alarm , to fix , but i think , it will disable the windows firewall. I raised a thread on this subject, as i had limited knowledge.
                             coming to the story. I waited for reply for that thread, and in the meantime, concentrated the settings in the firewall, windows firewall.
                              I just thought, of going to the advanced settings, and in the firewall settings, i clicked advanced, click inbounds, new rule, and then in the browsed page, selected ports instead of default and in the port, mentioned 21,80, http and ftp ports, and selected all domain, priv,public and other, and selected BLOCK, without knowing what i would have to face.
                              I ran the avast network scan, Oh! the vulnerability has gone and green ticks with words, that router configured correctly and  no vulnerability. Ofcourse, i had changed the admin pw to avoid weak password message. Please see the result for yourself. Thank god, the solution is the settings in the firewall, which default allows these ports, i suppose.
                         A sub query: would this affect my normal internet experience,

[Boggin]

It's difficult to know - run ShieldsUp again to see what reports.

I saw your thread about Zone Alarm and Windows Firewall but as I have no experience of Zone Alarm - I didn't respond.

[jraju]

GRC Port Authority Report created on UTC: 2016-02-21 at 14:56:53

Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
                            119, 135, 139, 143, 389, 443, 445,
                            1002, 1024-1030, 1720, 5000

    0 Ports Open
    0 Ports Closed
   26 Ports Stealth
---------------------
   26 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
                   - NO unsolicited packets were received,
                   - NO Ping reply (ICMP Echo) was received.

[Boggin]

The router's own firewall should deal with any vulnerabilities without having to do it from the computer.

I don't what the effect of blocking those will be.

[Samson]

J, You should be fine with that. I have ALL inbound blocked on my router, never had any problems.

By the way, looks like you have ditched that Teracom piece of junk for a decent D-Link? 

[jraju]

Hi, Samson, How did you do that in router. I have done the settings in firewall. Yes of course, but it is really working fine . Only i do not know the firewall settings.
to boggin:
                      Please explain that part of the answer that you need not do any extra in firewall settings and could do in the router. Of course, the router gives NAT protection and SPI protection, but it does not have any protection on http and ftp protection. These are said to be not enabled in router. But, actually those ports are enabled for http and ftp traffic, so avast finds them as vulnerabilities.
          Hi, samson, Now i have 3routers/ one dlink, other two, dataone and terracom all are working without any problem.
                  The ports open problem is the one avast thinks as vulnerability, is it ?

[jraju]

Hi, ssamson, and bboggins,   Betaal returns to his tree
Now the vulnerability is back

[Samson]

Hi, Samson, How did you do that in router. I have done the settings in firewall. Yes of course, but it is really working fine . Only i do not know the firewall settings.

Under "Firewall Settings" in my router (Netgear) The default setting is to block ALL inbound traffic. I have left this unchanged.
In answer to an earlier Q, ports 21 and 80 are only needed if you are running some kind of server. In my set up they are blocked by the default incoming setting and everything works fine for me.

I don't use Windows 7 (XP guy here  ), but I'm sure that if you need to you can block all incoming in the Windows firewall, without having to add ports under advanced settings, a Windows 7 expert (Boggin) can put you straight on that 

The problem in your screenshot appears to be a weak password.

[jraju]

Hi, I changed to that admitted password , only alphanumeric.
How could the same av is doing these tricks, even they do not know. They asked me to send the logs, which i did sent to them for analysis.
                                   Still some new head technician again calling for logs, and i asked him to look at his server.
                                      I think , there is glitch in the HNS, by avast. i rely on this av, as it is using reduced cpu for scans. I do not know, if this is correct.
                                        I will try to surf the net further to get rid of this problem.This is with the new router, samson.
                                      Boggins, by this time would have enough of my router/s. Let him take some time so that i try something , getting the error, and he comes to the rescue. Where is shane?

[Samson]

J, I use Avast too, but a much older version that does n't include that network tool so I cannot offer any advice there I'm afraid. If it is a new feature it could have teething problems? I would place more reliance on the GRC ShieldsUp report, which looks good to me.

[jraju]

Of course, Samson.
                       Yesterday i used 2015 avast, which had network scanner, but which says everything is ok.But the recent update, turned everything positive to negative.
                      i also sent the same results to the chief technician, who is yet to give a reply. Can i switch back to previous version, using properties for this. I will try.
                       You please visit the grc.com and see the videos Security now, a list of 5 to 6 videos, which hacked the grc.com for some days, before it could come back again. It is there in the google search.It will be interesting to know that , a calling bell could play a havoc, with a huge server to immobilize it totally. I could not hear the tech terms, that the grc.chief says, but could well understand the agony he has gone. He says about DDOS attack . By persons, who used a antenna like thing to capture the wifi settings and intruded to the system pl see those videos.