AiProtection Security Level: Ping from WAN vs Web Access from WAN

DiliMe

Regular Contributor
Hi,
I'm confused about the way AiProtection calculates security risk and I'm looking for your opinion. Please check the 2 images below.
I see that "Ping from WAN" is considered a lower level (RED) of security compared to "Web access from WAN" (GREEN), while I would consider vice versa.
I consider that having the Asus Login page available from the WAN is riskier than having ICMP (ping) ON. ICMP could reveal that my IP is UP for port scanners and eventually somebody can put my device Down by forcing a DoS attack on my IP address.
I want/need to have "something" available from the WAN side so that I can automatically monitor the uptime of my internet connection (I am using www.uptimerobot.com), either using ping or the availability of an 8443 port.
So I need to assume one risk: "Ping from WAN" vs "Web access from WAN".
What is your opinion?
 
I use OpenVPN for remote access, but I also need/want to monitor from outside and receive notifications about the status of my internet connection. But OpenVPN cannot be easily monitored on a UDP or TCP port because it uses TLS-Auth.
For monitoring purposes I need/want to have open at least one port/protocol besides OpenVPN. Currently I have ICMP open on the WAN side for monitoring purposes with UptimeRobot.

I am intrigued by the way AiProtection labels ICMP a higher risk compared to HTTPS access for the login page, which is strange to me.
I hope it is a bug (or negligence from Asus's side) in the way it labels risk.
 
The assessment is spot on! There are numerous threads discussing routers that have been compromised due to web access from WAN.
 
At one point in Asuswrt's evolution, WPA3 was labeled insecure in AiProtection when enabled.
That's not really related to AiProtection/Trend Micro; these were purely JavaScript-based checks that weren't updated to recognize WPA3. So if it wasn't WPA2, it would blindly report it as insecure.
 
