What does the KACE agent do to protect against a hacker Emulating KACE header information and cookies to issue commands to a System, Windows or non, thru the ampagent on port 52230.

We have had a report of a script that was able to emulate a KACE server and cause a machine to execute commands via port 52230. Should this even be possible.

0 Comments   [ + ] Show Comments


Please log in to comment

Community Chosen Answer


Do you have SSL enabled on your kbox?  if yes they would also need to get the cert to pose as the server.

Answered 12/18/2012 by: SMal.tmcc
Red Belt

Please log in to comment



Though possible I would be highly skeptical. Amp is a tcp based secure protocol of its own with many mechanisms in place to ensure reliable transport and valid data. 

If Ssl is enabled be sure to forward port 80 to 443. 

Answered 12/18/2012 by: jdornan
Red Belt

Please log in to comment
Answer this question or Comment on this question for clarity