WatchGuard x1000 Guia De Referência
Packet Filter Services
Reference Guide
41
WatchGuard to add the source IP address to the Blocked Sites List
whenever an incoming archie connection is denied. All of the usual
logging options can be used with archie.
whenever an incoming archie connection is denied. All of the usual
logging options can be used with archie.
WatchGuard recommends that you use the available WWW interfaces to
archie, such as: http://www.macsch.com/stress/archie.html
archie, such as: http://www.macsch.com/stress/archie.html
Characteristics
•
Protocol: UDP
•
Server Port(s): 1525
•
Client Port(s): greater than 1023
auth (ident)
auth (ident) is a protocol used to map TCP connections back to a user
name. It is used primarily by large public SMTP and FTP servers and
certain security packages. While useful for logging, the information is
seldom reliable, as attackers can make modified servers that return
incorrect information. Incoming auth service responds with “fake”
information to hide internal user information.
name. It is used primarily by large public SMTP and FTP servers and
certain security packages. While useful for logging, the information is
seldom reliable, as attackers can make modified servers that return
incorrect information. Incoming auth service responds with “fake”
information to hide internal user information.
When using SMTP with incoming static NAT, you must add auth to the
Services Arena. Configure auth to allow incoming to the Firebox. This
enables outgoing mail messages to flow unrestricted from behind the
Firebox to the numerous SMTP servers on the Internet that use auth to
verify other mail servers’ identities, and allows these servers to return
messages through the Firebox to their senders.
Services Arena. Configure auth to allow incoming to the Firebox. This
enables outgoing mail messages to flow unrestricted from behind the
Firebox to the numerous SMTP servers on the Internet that use auth to
verify other mail servers’ identities, and allows these servers to return
messages through the Firebox to their senders.
If you are not using incoming sdymtatic NAT, allow incoming auth to the
IP address of your mail server.
IP address of your mail server.
WatchGuard recommends that both incoming and outgoing auth services
be allowed, but be aware that such services can collect valid user names
which can be used for hacking purposes.
be allowed, but be aware that such services can collect valid user names
which can be used for hacking purposes.
Characteristics
•
Protocol: TCP
•
Server Port(s): 113
•
Client Port(s): greater than 1023