Using the klscflag utility to close port 13291
Port 13291 on the Administration Server is used for receiving connections from Administration Consoles. This port is open by default. If you do not want to use the MMC-based Administration Console or the klakaut utility, you can close this port by using the klscflag utility. This utility changes the value of the KLSRV_SP_SERVER_SSL_PORT_GUI_OPEN parameter.
To close port 13291:
- Run the Windows command prompt by using administrator rights, and then change your current directory to the directory with the klscflag utility. The klscflag utility is located in the folder where Administration Server is installed. The default installation path is <Disk>:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Center.
- Execute the following command in the command line:
klscflag -ssvset -pv klserver -s 87 -n KLSRV_SP_SERVER_SSL_PORT_GUI_OPEN -sv false -svt BOOL_T -ss "|ss_type = \"SS_SETTINGS\";"
- Restart the Kaspersky Security Center Administration Server service.
Port 13291 is closed.
To check if port 13291 has been successfully closed:
Execute the following command in the command line:
klscflag -ssvget -pv klserver -s 87 -n KLSRV_SP_SERVER_SSL_PORT_GUI_OPEN -svt BOOL_T -ss "|ss_type = \"SS_SETTINGS\";"
This command returns the following result:
+--- (PARAMS_T)
+---KLSRV_SP_SERVER_SSL_PORT_GUI_OPEN = (BOOL_T)false
The false value means that the port is closed. Otherwise, the true value is displayed.
