FLServer Security Issues?
-
Hi, me again.
I was wondering, does running a FL server cause any security issues (open port for hackers/viruses etc.)? I’m asking, because I was going to host a modded Internet server for my clan, and all these router/rerouting settings etc. look somewhat fishy to me…If it helps, I’m using FLServer 1.0, along with FLHook and DAM.
-
You need patch 1.1 to run FLHook properly.
-
There are two types of computer vulnerabilities to consider when setting up a server: remote attacks and humans with access. By limiting who has physical and digital access to your server, you can reduce the risk of a human with access causing a security issue. Also, by not using the computer for regular internet browsing and ensuring files are scanned for viruses, human error is almost eliminated. A good firewall is the best way to prevent remote attacks from affecting your server. Programs, processes, and Windows services listen on open ports for all sorts of incoming connections. All an attacker has to do is know how to attack one program to make it cause undesired effects on the entire computer. Securing all of your ports by only allowing FLServer and possibly a remote desktop program to use the internet is the best way to prevent attacks.
That said, there is a vulnerability in FLServer. I have seen it prevent Windows Remote Desktop from being able to access a server while it is under attack. I am referring to the DDOS attacks. The attacker can’t make your computer run unwanted programs, but they can prevent the server from being used and make players disconnect due to lag. I have only confirmed one firewall program as being able to prevent the attacks, but I know of one other that should work. If you need a recommendation on a firewall, PM me. Discussing it in public, where the attacker can read about what we use to stop him is not a good idea.
