
Transfer protocols


• Often used for services involving the transfer of small amounts of data where retransmitting a request is not a problem.

• Used for services such as time synchronization in which an occasionally lost packet will not affect continued operation. Many systems using UDP resend packets at a constant rate to inform their peers about interesting events.

• Primarily used on LANs, in particular for NFS services where its low overhead gives it a substantial performance advantage. A lack of congestion control means that using UDP for bulk data transfer over long-haul connections is not recommended.

• Supports broadcasts.

• Provides abstraction of ports.

• A connection is described by its source and destination ports and its source and destination IP addresses. In typical usage, port numbers below 1024 are reserved for well-known services (destinations), and the client side is supposed to use ports above 1023 for the source of the connection. However, this rule has many notable exceptions. In particular, NFS (port 2049) and Archie (port 1525) use server ports at numbers above 1024. Some services use the same source and destination port for server-to-server connections. Common examples are DNS (53), NTP (123), syslog (514), and RIP (520).
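The following is an added example, not code from the WatchGuard guide, showing why a filter cannot rely on the "destination below 1024 means request" rule alone. It parses a constructed IPv4+UDP datagram into the four-tuple the text describes and then classifies it twice: once with the bare port-range rule and once with the exceptions the list above names (NFS and Archie on high server ports, DNS/NTP/syslog/RIP talking server-to-server on equal ports). The packet builder, the sample addresses and the classification labels are assumptions made for the example.

```python
import ipaddress
import struct
from typing import NamedTuple

# Exceptions the guide lists to the "servers live below 1024" rule (assumed table for the example).
HIGH_PORT_SERVERS = {2049: "nfs", 1525: "archie"}
# Services that use the same port on both ends for server-to-server traffic.
SYMMETRIC_SERVERS = {53: "dns", 123: "ntp", 514: "syslog", 520: "rip"}


class UdpFlow(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int


def build_udp_datagram(src, sport, dst, dport, payload=b""):
    """Constructed test input: a minimal IPv4 + UDP datagram (both checksums left as 0)."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    return ip + udp


def parse_udp_flow(pkt):
    """Extract the 4-tuple that identifies a UDP 'connection', rejecting malformed packets."""
    if len(pkt) < 20:
        raise ValueError("too short for an IPv4 header")
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or proto != 17 or ihl < 20 or len(pkt) < ihl + 8:
        raise ValueError("not an IPv4/UDP packet")
    sport, dport, udp_len, _ = struct.unpack("!HHHH", pkt[ihl:ihl + 8])
    # Length fields that disagree are a classic way to confuse a filter; refuse them.
    if udp_len < 8 or udp_len != total_len - ihl:
        raise ValueError("UDP length does not match IP total length")
    return UdpFlow(str(ipaddress.ip_address(src)), sport,
                   str(ipaddress.ip_address(dst)), dport)


def naive_classify(flow):
    """The textbook rule alone: destination below 1024 is a request, anything else a reply."""
    return "request" if flow.dport < 1024 else "reply"


def classify(flow):
    """The same rule with the guide's exceptions checked before the port-range test."""
    if flow.dport in HIGH_PORT_SERVERS:
        return "request:" + HIGH_PORT_SERVERS[flow.dport]
    if flow.sport == flow.dport and flow.dport in SYMMETRIC_SERVERS:
        return "server-to-server:" + SYMMETRIC_SERVERS[flow.dport]
    if flow.dport < 1024:
        return "request"
    if flow.sport < 1024 or flow.sport in HIGH_PORT_SERVERS:
        return "reply"
    return "unknown"  # both ports high: port numbers alone cannot tell you this is a reply


if __name__ == "__main__":
    for args in (("10.0.0.5", 40001, "10.0.0.1", 53),
                 ("10.0.0.5", 40001, "10.0.0.1", 2049),
                 ("10.0.0.1", 53, "10.0.0.2", 53)):
        flow = parse_udp_flow(build_udp_datagram(*args))
        print(flow, "naive:", naive_classify(flow), "with exceptions:", classify(flow))
```

The NFS case is the one that bites: a rule that treats every inbound datagram to a port above 1023 as a harmless reply would let NFS requests straight through to port 2049.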

TCP

Transmission Control Protocol (TCP) provides reliable stream-oriented services. It 
trades speed and overhead for increased reliability. Like UDP, TCP provides source 
and destination ports that are used in a similar fashion. 

TCP uses a rather complicated state machine to manage connections. There are 
several attribute bits that control the state of a connection. Three very important 
attribute bits of TCP packets are the SYN, ACK, and FIN bits. The SYN bit is set only 
on the first packet sent in each direction for a given connection. The ACK bit is set 
when the other side is acknowledging the receipt of data to the peer. The FIN bit is set 
when either side chooses to close the connection.
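As an added example (not code from the guide), the tracker below turns the SYN/ACK/FIN description above into a small stateful filter keyed by the four-tuple. It accepts a bare SYN to open a flow, the SYN/ACK as the first packet in the server's direction, the final ACK to reach ESTABLISHED, FIN from each side to close, and drops anything that does not fit the current state: a lone ACK with no handshake behind it, or a second SYN on an established connection. The state names, the flag constants and the sample addresses are assumptions for the example.

```python
SYN, ACK, FIN, RST = 0x02, 0x10, 0x01, 0x04

SYN_SENT, SYN_RECEIVED, ESTABLISHED, FIN_WAIT, CLOSING = (
    "SYN_SENT", "SYN_RECEIVED", "ESTABLISHED", "FIN_WAIT", "CLOSING")


def flag_names(flags):
    """Decode a flags byte into the names used in the text, e.g. 0x12 -> 'SYN,ACK'."""
    names = [n for n, bit in (("FIN", FIN), ("SYN", SYN), ("RST", RST), ("ACK", ACK)) if flags & bit]
    return ",".join(names) or "-"


class ConnTracker:
    """Stateful TCP filter keyed by (client, cport, server, sport).

    Each entry is [state, set_of_sides_that_sent_FIN]. A packet is accepted only if its
    flags make sense for the connection's current state; everything else is dropped.
    """

    def __init__(self):
        self.table = {}

    def state_of(self, src, sport, dst, dport):
        entry = self.table.get((src, sport, dst, dport)) or self.table.get((dst, dport, src, sport))
        return entry[0] if entry else None

    def process(self, src, sport, dst, dport, flags):
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        if fwd in self.table:
            key, from_client = fwd, True
        elif rev in self.table:
            key, from_client = rev, False
        else:
            # No state yet: only a bare SYN (SYN set, ACK clear) may open a connection.
            # A lone ACK or FIN, as sent by scanners or to sneak past ACK-bit filters, is dropped.
            if flags & SYN and not flags & ACK:
                self.table[fwd] = [SYN_SENT, set()]
                return "accept"
            return "drop"

        entry = self.table[key]
        state = entry[0]
        if flags & RST:                      # either side may abort at any time
            del self.table[key]
            return "accept"
        if state == SYN_SENT:
            if not from_client and flags & SYN and flags & ACK:
                entry[0] = SYN_RECEIVED      # server's SYN/ACK: first packet in its direction
                return "accept"
            if from_client and flags & SYN and not flags & ACK:
                return "accept"              # client retransmitting its SYN
            return "drop"
        if state == SYN_RECEIVED:
            if from_client and flags & ACK and not flags & SYN:
                entry[0] = ESTABLISHED       # third packet of the handshake
                return "accept"
            return "drop"
        if state in (ESTABLISHED, FIN_WAIT):
            if flags & SYN:
                return "drop"                # SYN is only legal on the first packet per direction
            if flags & FIN:
                entry[1].add(from_client)
                entry[0] = FIN_WAIT if len(entry[1]) == 1 else CLOSING
            return "accept"                  # data, ACKs and FIN are all fine here
        if state == CLOSING:
            if flags & ACK:
                del self.table[key]          # last ACK: both FINs acknowledged, forget the flow
            return "accept"
        return "drop"


if __name__ == "__main__":
    t = ConnTracker()
    client, server = ("192.168.1.10", 40123), ("10.0.0.80", 23)
    for src, dst, flags in ((client, server, ACK), (client, server, SYN), (server, client, SYN | ACK),
                            (client, server, ACK), (client, server, SYN), (client, server, FIN | ACK)):
        verdict = t.process(*src, *dst, flags)
        print("%-8s %s -> %s state=%s" % (flag_names(flags), verdict, src[0], t.state_of(*src, *dst)))
```

The first packet in that run is the interesting one: an ACK arriving with no handshake behind it is dropped, which a stateless filter that merely matches the ACK bit would have let through.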

ICMP

The Internet Control Message Protocol (ICMP) is used primarily to deliver error 
information about other services. It is otherwise quite similar in practical operation to 
UDP. That is, it is connectionless and does not guarantee that packets are delivered to 
their destination. One dangerous ICMP packet is the ICMP redirect packet, which can 
change routing information on the machines that receive it. 
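To make the redirect warning concrete, here is an added example (not from the guide) that builds a constructed ICMP redirect, parses it back out with the RFC 1071 checksum verified, and then applies a filtering policy of the kind a firewall would enforce: honour a redirect only if it was sent by the router currently in use for that destination and names a new gateway on the local link, and otherwise drop it so nothing on the wire can rewrite a host's routing table. The policy function, the subnet and the addresses are assumptions made for the example.

```python
import ipaddress
import struct

ICMP_REDIRECT = 5
REDIRECT_CODES = {0: "network", 1: "host", 2: "tos-network", 3: "tos-host"}


def icmp_checksum(data):
    """RFC 1071 one's-complement checksum; over a valid message (checksum included) it is 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ip_header(src, dst, proto=6):
    """Constructed 20-byte IPv4 header standing in for the datagram quoted inside the redirect."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0, 64, proto, 0,
                       ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)


def build_redirect(new_gateway, orig_datagram, code=1):
    """Constructed ICMP redirect: type 5, code, checksum, new gateway, original header + 8 bytes."""
    body = ipaddress.ip_address(new_gateway).packed + orig_datagram[:28]
    csum = icmp_checksum(struct.pack("!BBH", ICMP_REDIRECT, code, 0) + body)
    return struct.pack("!BBH", ICMP_REDIRECT, code, csum) + body


def parse_redirect(msg):
    """Return None for non-redirect ICMP, a dict for redirects; raise on corrupt input."""
    if len(msg) < 8:
        raise ValueError("truncated ICMP header")
    if icmp_checksum(msg) != 0:
        raise ValueError("bad ICMP checksum")
    typ, code, _ = struct.unpack("!BBH", msg[:4])
    if typ != ICMP_REDIRECT:
        return None
    if len(msg) < 28:
        raise ValueError("redirect does not carry the original IP header")
    # Bytes 4-8 are the gateway we are told to use; the quoted header's destination
    # (offset 16 within it, so 24 in the message) is the route that would be changed.
    return {"code": REDIRECT_CODES.get(code, "unknown"),
            "gateway": str(ipaddress.ip_address(msg[4:8])),
            "target": str(ipaddress.ip_address(msg[24:28]))}


def redirect_policy(sender, redirect, local_net, current_gateway):
    """Firewall-side version of the RFC 1122 host rules (assumed policy, not the guide's):
    honour a redirect only if it comes from the router we currently use and points at a
    gateway on our own link; otherwise drop it so the routing table is left alone."""
    if redirect is None:
        return "accept"
    net = ipaddress.ip_network(local_net)
    reasons = []
    if ipaddress.ip_address(sender) != ipaddress.ip_address(current_gateway):
        reasons.append("sender is not the current first-hop router")
    if ipaddress.ip_address(redirect["gateway"]) not in net:
        reasons.append("new gateway %s is not on %s" % (redirect["gateway"], net))
    return "accept" if not reasons else "drop: " + "; ".join(reasons)


if __name__ == "__main__":
    orig = build_ip_header("192.168.1.10", "203.0.113.7") + b"\x00" * 8
    for sender, gw in (("192.168.1.1", "192.168.1.254"), ("198.51.100.9", "198.51.100.9")):
        r = parse_redirect(build_redirect(gw, orig))
        print(sender, r, "->", redirect_policy(sender, r, "192.168.1.0/24", "192.168.1.1"))
```

The second case in the run is the attack the text warns about: a redirect from an outside address naming itself as the new gateway for 203.0.113.7 would, if honoured, pull that traffic through the attacker's machine.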

Other protocols

The vast majority of the traffic on the Internet uses one of the three protocols 
mentioned above. There are some others that are of interest:

IGMP (Internet Group Management Protocol)

A protocol supporting multicasts; used, for example, by SGI's Dogfight game.

Source: WatchGuard Firebox System Reference Guide, Firebox System 4.6. Copyright 1998-2001 WatchGuard Technologies, Inc.
