Ylianst / MeshCentral

A complete web-based remote monitoring and management web site. Once set up, you can install agents and perform remote desktop sessions to devices on the local network or over the Internet.
https://meshcentral.com
Apache License 2.0
3.96k stars 536 forks

Doubt - Port that the agent uses to communicate with the server #539

Closed geanferrani123 closed 4 years ago

geanferrani123 commented 4 years ago

Ylianst, good afternoon!

What port does the meshcentral agent use to communicate with the server?

MailYouLater commented 4 years ago

Unless specifically set to use a different port, it uses the default https port: 443.

geanferrani123 commented 4 years ago

Unless specifically set to use a different port, it uses the default https port: 443.

This is the port for using the web interface. I want to know the agent's communication port with the meshcentral server.

asasin114 commented 4 years ago

Just pulled this from Wireshark. It's using 443 to communicate. This is a packet capture of my MeshCentral server running a terminal session on a desktop of mine.

Transmission Control Protocol, Src Port: 60003, Dst Port: 443, Seq: 910, Ack: 10363, Len: 0
    Source Port: 60003
    Destination Port: 443
    [Stream index: 14]
    [TCP Segment Len: 0]
    Sequence number: 910 (relative sequence number)
    [Next sequence number: 910 (relative sequence number)]
    Acknowledgment number: 10363 (relative ack number)
    0101 .... = Header Length: 20 bytes (5)
    Flags: 0x010 (ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 0... = Push: Not set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
        [TCP Flags: ·······A····]
    Window size value: 1023

Ylianst commented 4 years ago

The agent will connect to the server on port 443 (unless changed). This is the same port as the web interface. The agent will connect using web socket and perform a secondary certificate check with the server, so you can change the TLS certificate of the web server and the agents will still validate the server as being good. It's all explained in this document.

Port 80 is mostly used to redirect users to port 443 and validate Let's Encrypt. Port 4433 is used for Intel AMT Client Initiated Remote Access (CIRA) so you can manage computers even if sleeping or the OS is crashed, boot to BIOS and change BIOS settings, etc. Intel AMT is like a management agent built into the platform itself.

Hope it helps, Ylian

geanferrani123 commented 4 years ago

Very nice, thank you very much.

Ylianst commented 4 years ago

Thanks. I am going to close this issue. Feel free to open a new issue if you have questions or use the MeshCentral Reddit.