WSM Reference Guide - WatchGuard Technologies

More documents

Recommendations

Info

General IT and Security Web Siteswww.gocsi.comThe Computer Security Institute (CSI) is the world's leading membership organizationspecifically dedicated to serving and training the information, computer and network securityprofessional. Since 1974, CSI has been providing education and aggressively advocating thecritical importance of protecting information assets.www.cerias.purdue.edu/homes/spaf/Dr. Eugene Spafford is a professor of computer sciences and electrical and computerengineering at Purdue University, where he has served on the faculty since 1987. He serves on anumber of advisory and editorial boards, and is internationally-known for his writing, research,and speaking on issues of security and ethics. Spafford's current research interests are primarilyin the areas of information security, computer crime investigation and information ethics.Spaf (as he is known to his friends, colleagues, and students) is Executive Director of the PurdueCERIAS (Center for Education and Research in Information Assurance and Security), and was thefounder and director of the (superseded) COAST Laboratory. This is his homepage.project.honeynet.orgThe Honeynet Project is a non-profit research organization of security professionals dedicatedto information security. They have no products, services or employees, and all research is doneon a volunteer basis. Their goal is to learn the tools, tactics, and motives of the blackhatcommunity and share these lessons learned. Founded in October, 1999, all work is OpenSourceand shared with the security community.www.infosecuritymag.comInformation Security is the enterprise security and risk managers' leading source of critical,objective information on strategic and practical security issues. Information Security's team ofveteran security journalists and experts break down the security problems challengingenterprises and provide practical resolutions.www.interhack.net/pubs/fwfaqThis collection of Frequently Asked Questions and answers about Internet firewalls has beencompiled over the years from fora such as Usenet, mailing lists, and Web sites. If you have aquestion, looking here to see whether it has been answered before posting your question isgood form. Don’t send your questions to the FAQ maintainers.www.cerias.purdue.edu/coast/firewallsThis site provides the comprehensive list of resources associated with Internet firewalls. The listis divided into sections to make finding information easier.www.microsoft.com/securityMicrosoft’s homepage for computer security resources.csrc.nist.govNational Institute of Standards and Technology, Computer Security Division.www.networkcomputing.comNetwork Computing magazine, part of the tech web business technology network, featurescontent covering general networking topics as well as specific security topics.www.securityfocus.comFormerly THE clearing house for security vulnerability announcements, Security Focus lostprestige after Symantec bought them (many readers assumed Symantec would bias thereporting). We haven't noticed any dramatic decline in quality, and we routinely use the site --especially its acclaimed Bugtraq list -- for information about new vulnerabilities. Pro: Often thefirst place security researchers post their advisories. Has a great "Basics" reading room for IT78 WatchGuard System Manager
White Hat Web Sitesbeginners. Cons: Advisories are posted in dense jargon difficult for beginners to comprehend.Poorly organized site can make finding a specific item tricky. Net: Authoritative,comprehensive, definitely a useful arrow in any sys admin's quiver.NewsNowNewsNow's UK-based spiders and bots automatically search over 15,000 news sources andreturn live links with the results, updated every five minutes. They offer dozens of newsfeeds(but do we really need to hear the latest on Michael Jackson every five minutes?). The feed youwant is called "Security" (listed under "Internet" in the left column. Don't choose "Hacking;"you'll get countless articles about various hackers in legal trouble.) Pro: Comprehensive, up-tothe-minutesurvey of worldwide Internet security. Con: The same information repeats countlesstimes as various online sources report it. Net: A great glimpse of security issues worldwide.The RegisterThis is not the first place you'll learn of emerging threats, but when you hear of one, depend onThe Reg for the most honest, no-hype summary of the issue. Pro: Plain-English writing style isgreat for IT beginners. Check out their "BOFH" series for hilariously bleak parodies of a networkadministrator's life. Con: Their scathing anti-Microsoft bias can get heavy-handed. Net: If youhave to explain a new vulnerability to non-technical superiors, you'll appreciate The Register'sstyle.White Hat Web SitesAmerican cinema of the 1930s, 40s, and early 50s, with their endless stream of big-city gangsters andsinging cowboys, popularized the metaphorical idea that "good guys" wear white hats and "bad guys"reliably identify themselves by wearing black hats. Extending the tradition today, "white hat" computersecurity researchers find security holes in commercial software, but instead of telling everyone, they firstinform the manufacturer of the flaw. Then they cooperate with the manufacturer in getting the flawfixed before announcing their discovery to the public. We appreciate the efforts of these good guys.NTBugTraqDon't let the "NT" fool you: Russ Cooper's site tracks security vulnerabilities in every kind ofMicrosoft software that businesses typically use, from server software to Office. Russ'sextraordinarily objective assessments neither bash Microsoft, nor cover their sometimesegregious security lapses. He has developed good relationships with key Microsoft personnel,and can often provide a straighter scoop on MS flaws than you can get through official MSchannels.HackerIntel.comWe like this site as a source of information about hacking and network security-related events.Administrators from educational institutions should consider bookmarking this site, because itsmulti-faceted coverage includes news accounts hard to find elsewhere about universitynetworks being hacked.Crypto-GramBruce Schneier has two gifts you rarely see in one person: he is a bona fide cryptographicexpert, and he can write in clear, everyday English. This free e-newsletter is not an alert service;rather, Schneier's insights on security issues will, over time, teach you how to think aboutsecurity in general -- for example, how to assess whether a "cure" costs more than the risk itaddresses, and how to resist falling for a great-sounding plan that doesn't actually provideadded security.Reference Guide 79
Page 1 and 2:
WatchGuard ® System ManagerReferen
Page 3 and 4:
ContentsCHAPTER 1 Internet Protocol
Page 5 and 6:
CHAPTER 1Internet Protocol Referenc
Page 7 and 8:
Internet Protocol HeaderKeyword Num
Page 9 and 10:
Transfer ProtocolsSource RoutingThe
Page 11 and 12:
CHAPTER 2MIME Content TypesSoftware
Page 13 and 14:
Type Subtype Reference (where avail
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
CHAPTER 3Services and PortsWell-kno
Page 25 and 26:
Well-Known Services ListPort(s) Pro
Page 27 and 28:
Well-Known Services ListService Nam
Page 29 and 30:
Well-Known Services ListService Nam
Page 31 and 32: CHAPTER 4Log MessagesUnderstanding
Page 33 and 34: Traffic LogsFWAllowEach packet filt
Page 35 and 36: Traffic Logsdst_ip="66.35.250.151"
Page 37 and 38: Traffic LogsDNS Proxy Traffic Log M
Page 39 and 40: Traffic LogsHTTP Proxy Traffic Log
Page 41 and 42: Alarm LogsPolicy AlarmsDefaultNameP
Page 43 and 44: Alarm LogsDenial of Servce (DoS) Al
Page 45 and 46: Event LogsGateway AntiVirus Service
Page 47 and 48: Event LogsDescription of Log Module
Page 49 and 50: Event LogsEvent Log Message Catalog
Page 59 and 60: Firebox Log File XML DTD and Schema
Page 61 and 62: Firebox® X Edge Log MessagesModule
Page 73 and 74: CHAPTER 5WebBlocker ContentWatchGua
Page 75 and 76: WebBlocker CategoriesCategoryDrugs,
Page 77 and 78: WebBlocker CategoriesCategoryJob Se
Page 79 and 80: CHAPTER 6ResourcesThere are many re
Page 81: Mailing ListsMailing Listswg-users@
Page 85 and 86: Other Web Sitesmaintains a list of
Page 87 and 88: RSS Feedswww.sophos.com/virusinfo/i
Page 89 and 90: IndexBblocked sites, searching for
show all

WSM Reference Guide - WatchGuard Technologies

Create successful ePaper yourself

Delete template?

Save as template?