WSM Reference Guide - WatchGuard Technologies


watchguard.com
20.02.2014

Standard Ports and Random Ports

TCP

Transmission Control Protocol (TCP) enables two hosts to make a connection and send streams of data to each other. TCP makes sure that the data that is sent gets to its destination. It also makes sure that packets are put in the same sequence as when they were sent.

TCP manages connections with properties that control the condition of a connection. Three very important properties of TCP packets are the SYN, ACK, and FIN bits. The SYN bit is set only on the first packet sent in each direction for a given connection. The ACK bit is set when the other side gets the data. The FIN bit is set when the source or destination closes the connection.

ICMP

The Internet Control Message Protocol (ICMP) is most frequently used to supply error information about other services. It operates using the same method as UDP. That is, it does not use connections and does not make sure that packets get to their destination. One dangerous ICMP packet is the ICMP redirect packet, which can change routing information on the devices that receive it.

Other protocols

Most traffic on the Internet uses TCP, UDP, or ICMP protocols. Some other protocols are as follows:

IGMP (Internet Group Multicast Protocol)
A protocol used for hosts on multicast access networks to tell locally attached routers the group they are a member of.

IPIP (IP-within-IP)
An encapsulation protocol used to assemble virtual networks on the Internet.

GGP (Gateway-Gateway Protocol)
A routing protocol used between different systems.

GRE
A protocol used for PPTP.

ESP
An encryption protocol used for IPSec.

Standard Ports and Random Ports

UDP and TCP use encapsulation of information contained in the application layer. The software application procedures are specified by source and destination port numbers. These port numbers, together with the source and destination IP addresses, supply a unique connection on the Internet.

For example, you can have two telnet sessions from one host to a different host. Since telnet uses a well-known service port number of 23, something must be different between these two connections. The other port in these conditions is a port that is usually larger than 1023. The operating system on the client side assigns this port number automatically.

Random ports can cause problems if they match a well-known service on a port higher than 1023. If some client computer assigns a random port of 2049, no connection can be made. This type of problem frequently occurs with the X Window and Archie services.

Usually, most operating systems assign port numbers between 1024 and 2100. Because of this, this problem does not occur frequently.

6 WatchGuard System Manager
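The two points above (the SYN/ACK/FIN bits and the fact that the client's automatically assigned port is what separates two telnet sessions to the same server port 23) can be seen by parsing a packet. This is an added illustration, not code from the WatchGuard guide; the packets are constructed in-line with zeroed checksums and the classification labels are my own.

```python
import struct

# TCP flag bits (header byte 13)
FIN = 0x01
SYN = 0x02
ACK = 0x10


def build_packet(src_ip, dst_ip, sport, dport, flags):
    """Constructed sample: minimal IPv4 header + 20-byte TCP header (no options).
    Checksums are left zero; the packet is for parsing only, not for sending."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes(int(o) for o in src_ip.split(".")),
                     bytes(int(o) for o in dst_ip.split(".")))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 8192, 0, 0)
    return ip + tcp


def parse_packet(pkt):
    """Return (src_ip, sport, dst_ip, dport, flags) for an IPv4/TCP packet."""
    ihl = (pkt[0] & 0x0F) * 4            # IPv4 header length in bytes
    if pkt[9] != 6:                       # protocol field must be TCP
        raise ValueError("not a TCP packet")
    src = ".".join(str(b) for b in pkt[12:16])
    dst = ".".join(str(b) for b in pkt[16:20])
    sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
    flags = pkt[ihl + 13]                 # flags byte of the TCP header
    return src, sport, dst, dport, flags


def connection_key(pkt):
    """The tuple that makes a connection unique: both addresses and both ports."""
    return parse_packet(pkt)[:4]


def classify(flags):
    """Map the SYN/ACK/FIN bits to the connection stage the guide describes."""
    if flags & SYN and not flags & ACK:
        return "connection request"       # first packet from the initiator
    if flags & SYN and flags & ACK:
        return "connection accepted"      # first packet back from the server
    if flags & FIN:
        return "close"                    # one side is closing
    if flags & ACK:
        return "acknowledgement"          # data received
    return "other"


# Two telnet sessions from one host to the same server port 23 differ only
# in the client-side port the operating system assigned.
SESSION_A = build_packet("10.0.0.5", "10.0.0.9", 1025, 23, SYN)
SESSION_B = build_packet("10.0.0.5", "10.0.0.9", 1026, 23, SYN)
```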

CHAPTER 2

MIME Content Types

Software applications use content type headers to identify the type of data they receive. Content type headers tell the software application how to correctly identify and display video clips, images, sound, or other data. Usually, people are most familiar with the MIME content types used in e-mail.

The WatchGuard HTTP proxy can use content type headers to know if it must allow or deny HTTP traffic. Use Policy Manager to configure an HTTP proxy policy to allow or deny content types. Content types are also used in the SMTP and FTP proxies.

This chapter contains a list of the MIME content types included in a WatchGuard configuration file. You can use wildcards to select all subtypes of a type, and thus deny all or allow all of that MIME type. For example, to allow all content types that are text (including text/enriched, text/plain, and others), use the content type text/*.

New, registered MIME content types appear regularly. WatchGuard recommends frequent checks of an online source for the most current list. One source of current MIME types is: www.iana.org/assignments/media-types/

Note that software applications can use incorrect content types, or content types that are not registered. To make a request to add a new content type in the WatchGuard list, send an e-mail to: manual@watchguard.com

Type          Subtype          Reference (where available)
application   *
application   activemessage    Shapiro
application   andrew-inset     Borenstein
application   applefile        Falstrom
application   astound
application   atomicmail       Borenstein
application   cals-1840        RFC 1895
application   commonground     Glazner
application   cybercash        Eastlake
application   dca-rft          Campbell
application   dec-dx           Campbell

Reference Guide 7
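To make the wildcard convention concrete, here is an added example (not WatchGuard's proxy code) that parses a Content-Type header value and applies an ordered allow/deny list using the text/* style of pattern from the chapter. The matching semantics are assumptions for illustration: comparison is case-insensitive, header parameters such as charset are ignored, the first matching rule wins, and a value that does not parse or matches no rule is denied.

```python
def parse_content_type(header_value):
    """Return (type, subtype) in lowercase from a header value such as
    'Text/Plain; charset=utf-8', or None when the value is malformed.
    Parameters after ';' are not part of the media type and are dropped."""
    media = header_value.split(";", 1)[0].strip().lower()
    if "/" not in media:
        return None
    mtype, subtype = media.split("/", 1)
    if not mtype or not subtype or " " in mtype or " " in subtype:
        return None
    return mtype, subtype


def rule_matches(pattern, mtype, subtype):
    """A pattern is 'type/subtype'; '*' in either position matches anything,
    so 'text/*' covers text/plain, text/enriched and every other text subtype."""
    ptype, psub = pattern.lower().split("/", 1)
    return (ptype == "*" or ptype == mtype) and (psub == "*" or psub == subtype)


def decide(header_value, rules, default="deny"):
    """rules: ordered list of (pattern, action). First match wins (assumed
    semantics). Unparseable headers are denied: a proxy should not pass
    content it cannot classify."""
    parsed = parse_content_type(header_value)
    if parsed is None:
        return "deny"
    mtype, subtype = parsed
    for pattern, action in rules:
        if rule_matches(pattern, mtype, subtype):
            return action
    return default


# Hypothetical rule set built from types the chapter mentions: allow all text,
# deny one specific application subtype from the table, deny the rest of
# application/* and anything not listed.
RULES = [
    ("text/*", "allow"),
    ("application/applefile", "deny"),
    ("application/*", "deny"),
]
```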

