Anyone even gets anything counted on AiProtection?

khg

Occasional Visitor
I have AC66UB1 with 386.2.2 but all counter is zero, tried the suspicous site test but works, nothing has blocked.(and counter also 0) I think this feature is not working at all. I tried factory reset but still nothing however it is swithced on.
 

Morris

Senior Member
Works fine for me
 

New2This

Senior Member
I have seen nothing also collected. But once I shut it down and installed Suricata onto my AX88U. It seems to be catching some.
 

Attachments

  • F730AE37-9885-4E2E-9BD4-6DF4AE327492.jpeg
    F730AE37-9885-4E2E-9BD4-6DF4AE327492.jpeg
    111.1 KB · Views: 64

Tech9

Part of the Furniture
RT-AC66U B1 running Asuswrt-Merlin 386.2_2 firmware, 6 klicks on malicious content links:

Untitled_34.jpg


You have to disable your browser's Safe Browsing in order to trigger AiProtection response.
 

jerry6

Very Senior Member
only time it works for me is when my daughter comes over and she uses a guest network , counts about 29 blocks when she is in
 

Nebulaz

Occasional Visitor
On RT-AC87U I had a lot of things counted there and displayed as "Blocked". On RT-AX58U, it's been weeks and months and all AiProtection counters are at ZERO. What's going on? I did tests and URL blocking does seem to actually work, but it counts nothing when it happens. Not with official ASUS firmware or latest Merlin builds.

I am don't think much about it because I am very careful about where I navigate to on the web. My assumption is that most of us here care dearly enough to protect our networks, and part of that is choosing where not to go.
 

Wallace_n_Gromit

Senior Member
After reading this thread, I thought I would check the AiProtection.

I see that the wife has something on her pixel phone (that showed up recently) that TrendMicro ID's as Malware.

When She gets up, I will have to show her this and troubleshoot what is raising TrendMicro/AiProtection alarm.

This site is a great source of Information/empowerment as per usual! :D

Additional Note: I have her Pixel 3a phone using NordVPN [always on].

I use Sophos Intercept X and Google Play Protect to periodically check for PUP's and Malware, nothing was reported.

Just recently, because she has been having trouble accessing/getting updates on her social media apps, I have split-tunneled her phone to have her social media apps not use NordVPN. Thus the recent results below. (i.e. since the VPN tunnel is no longer encrypting the social media traffic from the router/AiProtection, now the router/TrendMicro is able to filter/ID possible "bad" social media traffic), right?
 

Attachments

  • Web capture_1-5-2021_9654_192.168.66.1.jpeg
    Web capture_1-5-2021_9654_192.168.66.1.jpeg
    113.9 KB · Views: 44
Last edited:

torstein

Regular Contributor
By chance are your browsers using DoH? If so AiProtect will not work.
Wait, so if I have encrypted DNS as one gets with NextDNS, AiProtect doesn't work? Is that correct?
 

Morris

Senior Member
Wait, so if I have encrypted DNS as one gets with NextDNS, AiProtect doesn't work? Is that correct?
My wife and son are masters of tripping AI protection and it seems to be a strong part of our layered protection. I stopped using encrypted DNS, it works great except when it stops responding and needed tweaking and/or restarts. Going back to traditional DNS has resulted in solid reliability. We can't hide in the 21st century as we are monitored every ware. I point my DNS at various secure DNS sources depending on the application I'm protecting and this has worked well. I've also given up on the third party firewall applications plugins for Asus/Merlin as they have way too many false positives. This network is my home network and while I built it, I don't want to spend my days dealing with family members who are frustrated creating emergencies for me to address. The good news is that while my wife and son are blocked regularly by AiProtection there systems don't seem to be infected. Once, my son's computer did do a call back to a C&C server and that's when I was using encrypted DNS and a firewall plugin.

So my view is I'm much happier with stable, reliable commercial products that seem to provide safety at the cost of "privacy" with the huge advantage of set and nearly forget.

Morris
 

Treadler

Very Senior Member
Wait, so if I have encrypted DNS as one gets with NextDNS, AiProtect doesn't work? Is that correct?
I don’t believe so.
All my devices are Apple, & I have dns profiles installed on every device (using DoH encryption).
The ‘wicar’ malware test is blocked by aiprotect successfully, so I’m assuming encrypted DNS doesn’t matter?
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top