/build/static/layout/Breadcrumb_cap_w.png

How does KACE protect against a Hack script exploiting the AMPagent and port 52230?

What does the KACE agent do to protect against a hacker Emulating KACE header information and cookies to issue commands to a System, Windows or non, thru the ampagent on port 52230.

We have had a report of a script that was able to emulate a KACE server and cause a machine to execute commands via port 52230. Should this even be possible.


0 Comments   [ + ] Show comments

Answers (2)

Posted by: SMal.tmcc 12 years ago
Red Belt
2

Do you have SSL enabled on your kbox?  if yes they would also need to get the cert to pose as the server.

Posted by: jdornan 12 years ago
Red Belt
1

Though possible I would be highly skeptical. Amp is a tcp based secure protocol of its own with many mechanisms in place to ensure reliable transport and valid data. 

If Ssl is enabled be sure to forward port 80 to 443. 

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ