Chapter 11: Intrusion Detection and Prevention
WatchGuard Firebox System
would be a good idea to verify that NFS is using port 2049
on all your systems.
OpenWindows (port 2000)
OpenWindows is a windowing system from Sun
Microsystems that has similar security risks to
X Windows.
rlogin, rsh, rcp (ports 513, 514)
These services provide remote access to other
computers and are somewhat insecure on the
Internet. Because many attackers probe for these
services, it is a good idea to block them.
RPC portmapper (port 111)
RPC services use port 111 to determine which
ports are actually used by a given RPC server.
Because RPC services themselves are very
vulnerable to attack over the Internet, the first step
in attacking RPC services is to contact the
portmapper to find out which services are
available.
port 0
Port 0 is reserved by IANA, but many programs
that scan ports start their search on port 0.
port 1
Port 1 is for the rarely used TCPmux service.
Blocking it is another way to confuse port scanning
programs.
Novell IPX over IP (port 213)
If you use Novell IPX over IP internally, you might
want to explicitly block port 213.
NetBIOS services (ports 137 through 139)
You should block these ports if you use NetBIOS
internally. Although such services are blocked
implicitly by default packet handling, blocking
them here provides additional security.
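
An added example, not part of the WatchGuard guide: a Python check that parses `rpcinfo -p` output to confirm that NFS is registered on port 2049 and to list RPC services registered on ports outside those named in this section. The sample output is constructed, and treating 2049 as one of the blocked ports is an assumption drawn from the truncated NFS sentence above.

```python
"""Audit helper: compare `rpcinfo -p` output with the ports named in this section."""

# Ports named in this section. Including NFS 2049 is an assumption (see lead-in).
BLOCKED_PORTS = {
    0: "port 0", 1: "TCPmux", 111: "RPC portmapper", 213: "Novell IPX over IP",
    513: "rlogin", 514: "rsh/rcp", 2000: "OpenWindows", 2049: "NFS",
    137: "NetBIOS", 138: "NetBIOS", 139: "NetBIOS",
}
NFS_PORT = 2049

# Constructed sample in the format printed by `rpcinfo -p <host>`.
SAMPLE_RPCINFO = """\
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100003    3   tcp   2049  nfs
    100003    3   udp  32771  nfs
    100005    3   tcp  20048  mountd
"""

def parse_rpcinfo(text):
    """Return (service, proto, port) tuples from `rpcinfo -p` output."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        # Data rows: program, version, protocol, port, [service name].
        if len(fields) < 4 or not fields[0].isdigit() or not fields[3].isdigit():
            continue  # header or blank line
        service = fields[4] if len(fields) > 4 else fields[0]
        rows.append((service, fields[2], int(fields[3])))
    return rows

def audit(text):
    """Flag NFS registrations off port 2049 and RPC services on unlisted ports."""
    findings = []
    for service, proto, port in parse_rpcinfo(text):
        if service == "nfs" and port != NFS_PORT:
            findings.append(f"nfs/{proto} registered on {port}, not {NFS_PORT}")
        elif port not in BLOCKED_PORTS:
            findings.append(f"{service}/{proto} on {port} is outside the listed ports")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_RPCINFO):
        print(finding)
```

A finding means a port-based block rule built from this list does not match that service, so it is covered only by default packet handling.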