When I run FG, I get a report from Kaspersky Firewall about every 2 minutes that says they have blocked a network attack from 209.58.129.72. I blocked all traffic from that IP address and it prevents any players from connecting to my server. The really strange part is that is says the attacks are coming in on port 3389, which obviously isn't the one FG is supposed to be using.

I have not explicitly enabled any Port-Forwarding on my router, but have uPNP enabled and assume that FG is using that to allow connections. I can play FG just fine, but as a security conscious guy, I would like to understand.

Can somebody help explain to me what is going on? I suspect it's something related to how FG allows people to find my by alias or something.

Thanks in advance,
LordJeb

You can open a cmd prompt and try a few different netstat commands to see what is communication and to who?

https://pcsupport.about.com/od/commandlinereference/p/netstat-command.htm

example: netstat -a -f -o

There are some pretty skilled network guys here on the forum who might have some easy tips to check for more things.

I run Kaspersky Total Security 16.0.0.614(e) and have not noticed any reports like this.

Back to lurking.

Heye lordjeb.

When you run a client server app like fantasy grounds you will receive traffic that you havent requested. This is players making requests - rolling dice, opening books, refreshing maps etc etc. If you set your firewall security to a higher level it will warn or block or both all traffic that isnt a response to a request made by you. Eg when you browse this page your browser sends requests for data and the server responds. The server never initiates a connection to you whereas in FG as the GM this traffic is reversed. If you have a higher security setting enabled on your firewall you will need to tell the firewall how to deal with it - eg accept it. That IP address probably belonged to one of your players and you blocked her from accessing your system.

The port... well Im thinking that the Firewall is misreporting that... FG CAN run on 3389 or any other port but the players wont be able to connect to it on this other port unless they know the port and they configure FG to use that port.

I hope that helps somewhat...