Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 11 replies
  • Subscribers 6 subscribers
  • Views 3872 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Free Mac Antivirus Home Edition Hangs Huawei MT-841 Modem

indiandragon

Hi all,

Impressed with Sophos Antivirus for Android, I installed  Free Mac  Antivirus Home Edition of Sophos on my MBP.

Remarkably I have come acrross an interesting issue,

My ADSL 2+ Huawei modem hangs cause of Anti Virus !!

Before some one says to check my networkk set up, let me clear some things about me,

I am a full time developer / reverse engineer and Red Hat Certified , so I have some Networking knowledge to come to this conclusion.

My Network Connection is as follows,

ISP --> Huawei ADSL 2+  MT841 Modem/Router (DHCP disabled & Firewall disabled) --> ASUS N10+ (DDWRT - DHCP enabled ) --> iMac and Macbook

My Setup -

1. Free Mac  Antivirus Home Edition of Sophos installed on my Mac Book .

2. My Macbook has  OSX Lion 10.7.4 with internal firewall and Little snitch  enabled.

Issue :

1. The modem hangs in 1 - 2 hrs after the boot of Mac Book and Anti Virus running.

Troubleshooting Followed :

I followed the following troubleshooting methodology for two days before arriving at the conclusion.

1. Checked by removing the router between the modem and MBP and connected directly to modem - issue occurs in 1-2 hrs.

2.  Disabled / Enabled DHCP servers on modem and router alternatively - issue not resolved.

3. Reset / Restored default settings in modem - issue occurs back in 1-2 hrs.

Temporary Fix :

1 . Modem restarted , the issue occues after 1-2 Hrs.

Permanent Solution :

1. Uninstalled  Free Mac  Antivirus Home Edition . - Modem works perfect .

Observations :

1. My Huawei MT 841 modem has been working great for 7 years with no issues so far . But  I could find a 2008  thread on the same modem having same  issue with Trend Micro Internet security  on a  Windows OS. That was an official bug in Trend Micro AV related to global threat sense technology in it.

2 . Free Mac  Antivirus Home Edition of Sophos had a similar Threat sense technology connecting to global servers, I wonder whether it causes my modem to hang.

Conclusion :

Sophos products are great no doubt on that, Free Mac  Antivirus Home Edition of Sophos looked promising it even detected windows virus from the parallels desktop VM. But I cannot continue using it unless the bug which causes my modem to hang gets resolved. It would be intresting to know how the Antivirus could cause a modem across the router to hang.

Looking for answers from Sophos support. I have mailed them, will soon post their reply.

Thanks.

:1007803


This thread was automatically locked due to age.
Parents
  • 0

    Thank you for checking!  I haven't heard of this issue in any other modem so far, but I don't work for support -- I will flag this issue for them.

    As for standardizing the DNS requests: as Live Protection is not doing a regular DNS lookup (it's not attempting to resolve domains, it's attempting to resolve whether a file is known to be malicious), it is not likely to be fixed.  That said, I know some of our live protection channels are moving away from DNS as a transport mechanism, so endpoint lookups may eventually switch protocols too -- but not likely within the next year.

    Actually, this may be something you can fix on your modem: the issue probably has to do with caching DNS requests ahd filling up the buffer used for this.  Turning off DNS caching may be just what you need (it will also fix the problem for other activities that involve a large number of DNS requests).  Definitely worth some tweaking if you have access, as this is more of a bug in the modem than a bug in the reference protocol itself -- it'll probably crop up again somewhere else eventually.

    :1007827
Reply
  • 0

    Thank you for checking!  I haven't heard of this issue in any other modem so far, but I don't work for support -- I will flag this issue for them.

    As for standardizing the DNS requests: as Live Protection is not doing a regular DNS lookup (it's not attempting to resolve domains, it's attempting to resolve whether a file is known to be malicious), it is not likely to be fixed.  That said, I know some of our live protection channels are moving away from DNS as a transport mechanism, so endpoint lookups may eventually switch protocols too -- but not likely within the next year.

    Actually, this may be something you can fix on your modem: the issue probably has to do with caching DNS requests ahd filling up the buffer used for this.  Turning off DNS caching may be just what you need (it will also fix the problem for other activities that involve a large number of DNS requests).  Definitely worth some tweaking if you have access, as this is more of a bug in the modem than a bug in the reference protocol itself -- it'll probably crop up again somewhere else eventually.

    :1007827
Children
No Data