SoftEther VPN User Forum

When I run a network scan Avast antivirus says "We found some issues on your home network. Your Internet connection is compromised, Problem DNS records on your router are hijacked. Risk You can be redirected to fake sites and have your personal data stolen." When I click on more info link it says "Your router is vulnerable to network attacks!
We have found vulnerabilities in your router that can be used by attackers to hack into your network.
Description
Our scan has found your router vulnerable to attacks. That is, the router contains a problem that can be misused by cybercriminals to break into your network and compromise your security and privacy. We have identified the following problems with your router:

ROM-0
Severity: High

This vulnerability allows an attacker to easily gain control of the router and therefore your Internet connection. The attacker can use a specially crafted HTTP request to download all important and secret data stored in your router -- your router login/password combination, your Wi-Fi password and your configuration data."

My question is could softether vpn be the cause of this? I would hate to tell my landlord about it and have him charge me money I do not have to get it checked out and fixed?

Which did you use SoftEther server or client?
Was the VPN working when you scan?

I was not using them at all when I did the scan. I had been downloading just before that. Softether was not running while the virus scan was running.

webmasterx wrote:
> I was not using them at all when I did the scan. I had been downloading
> just before that. Softether was not running while the virus scan was
> running.

Was softether server installed on your system at that time or just downloaded awaiting install? or if using it was it operating in service mode or user mode? Service mode is always on even when the server manager is off.

While it never hurts to mention this sort of thing to router owners, it would also be worthwhile to figure out exactly what the Avast message is trying to say. The message you got is not terribly specific. Hijacking DNS traffic is a time honored past time by many in the business both good and bad. If there is no further info available try running shields up at www.grc.com and seeing what ports are open and https://www.dnsleaktest.com/ to see if you find any unexpected results there. It sounds as if the message is referring to your DNS site settings as being unusual but it may very well also be an intentional setting your landlord has made. If this is the case you will need to evaluate if the landlord is a risk factor or just unaware and decide if you should get your own service. If you do see an unexpected result ask if you feel ok having that site process your DNS and if not then you need to determine next steps. For example GoogleDNS and OpenDNS are OK. An unknown name with a location on an island in the middle of the ocean might be a flag for more investigation.