WSM Reference Guide - WatchGuard Technologies
Source Routing
The loose source route option and the strict source route option enable the source of an
Internet packet to give routing information. Source routing options can be very dangerous,
because an attacker could use them to masquerade as a different user. But the loose source route
option and the traceroute tool can also help debug some unusual routing problems.
Record Route
The record route option was first used to do tests on the Internet. But record route can record
only ten IP addresses. On the current Internet, a typical connection can include 20 or 30
different routers, making the record route option out of date.
Time Stamp
The time stamp option measures the time for a packet to make one full cycle (source -->
destination --> source). Higher level time protocols or time stamp messages do this task better
than the time stamp option.
Transfer Protocols<br />
The Internet Protocol (IP) includes information kept in the transport layer. The transport layer has different<br />
protocols that tell how to transmit data between software applications: for example, UDP, TCP, ICMP,<br />
and others.<br />
UDP<br />
User Datagram Protocol (UDP) is a datagram protocol that does not use connections. It is a very fast protocol,<br />
and it does not use much bandwidth or CPU. But, you cannot trust that datagrams will get to their<br />
destination. A software application that uses UDP must make sure that the full message gets to its destination<br />
in the correct sequence.<br />
Characteristics of UDP include:<br />
• Frequently used for services that include the exchange of small quantities of data where sending<br />
a datagram more than one time is not a problem.<br />
• Used for services such as time synchronization in which a missing packet does not have an effect<br />
on continued operation. Many systems using UDP send packets again at a constant rate to tell<br />
other systems about unusual events.<br />
• Frequently used on LANs. Because of its low system and bandwidth requirements, it gives a large<br />
performance advantage to Network File System (NFS) services users. Network File System is a<br />
popular TCP/IP service for supplying shared file systems over a network.<br />
• Supports broadcasts.
• Gives abstraction of ports. A connection is made of its source and destination ports and its source
and destination IP addresses. In typical use, port numbers less than 1024 are reserved for well-known
services (destinations). The client side can use ports higher than 1023 for the source of the
connection. But, this rule has many exceptions: NFS (port 2049) and Archie (port 1525) use server
ports at numbers higher than 1024. Some services use the same source and destination port for
server to server connections. Examples include DNS (53), NTP (123), syslog (514), and RIP (520).<br />