OS Name/Version: Windows 10 Pro
Product Name/Version: Mcmyadmin 3/AMP 220.127.116.11
Hello, the issue I have is likely out of the hands of people here as it is a local issue but I'd like to give a description of what is going on and have a specific question.
My ISP (comcast) recently switched over to an online based modem access point. Meaning I have to log into comcasts website in order to make any modem changes/port forwarding/ etc. I have a minecraft server setup for just me an my girlfriend and nobody else. The server I have setup is completely seperate and is never used for anything else even so much as a google search. Since comcast switched over to this online modem access, my girlfriend, who is the only one who accesses the server outside of my house, has been getting disconnected. This is due to comcast denying her IP address access to the server.
Comcasts web access is stating that 85 threats were detected in two days, and from mostly different IP addresses from several countries, mostly Italy. All of these tried to connect to port 8080 and 25565, and ONLY connected to the IP address of my server. Also, only the 25565 was actually port forwarded.
Now it's starting to look like some malware or something found out the IP address when we connected to the server and is attempting to gain access. This is likely out of the scope this forum support can help with but my question is, does AMP for any reason connect to outside servers that may have a VPN or are located around the world? Just trying to determine if perhaps amp is trying to access specific things for the application and comcast is being overly cautious and shutting them down, or if these are legitimate attempts at my network. Really as I mentioned, this is the only question I need answered.
Thank you in advance.