WatchGuard x1000 参考指南
Packet Filter Services
Reference Guide
53
from one location. RADIUS prevents hackers from intercepting and
responding to authentication requests by transmitting an authentication
key that identifies it to the RADIUS client.
responding to authentication requests by transmitting an authentication
key that identifies it to the RADIUS client.
Characteristics
•
Protocol: UDP
•
Server Port(s): 1645
•
Client Port(s): client
RIP
RIP is a routing protocol that predates IP, making it one of the oldest
protocols on the Internet. It is used to automatically build routing tables
for local routers. Because it is directionless, it is quite similar to DNS in
configuration. You should enable RIP only if your Internet service
provider requires that you run a routing daemon.
protocols on the Internet. It is used to automatically build routing tables
for local routers. Because it is directionless, it is quite similar to DNS in
configuration. You should enable RIP only if your Internet service
provider requires that you run a routing daemon.
Incorrect or deceptive routing information can wreak havoc with local
networks, could cause service denial problems, and possibly completely
compromise the local network. Enable this service only after careful
consideration.
networks, could cause service denial problems, and possibly completely
compromise the local network. Enable this service only after careful
consideration.
Characteristics
•
Protocol: UDP
•
Server Port(s): 520
•
Client Port(s): greater than 1023
SMB (Windows Networking)
Server Message Block (SMB) is used by Windows to share files,
computers, printers, and other network resources.
computers, printers, and other network resources.
If you set up replication, you may see repeated attempts to use the port
mapper service on port 135. This will eventually fail, and fall back to
using port 42. Refer to the RFC for DCE, and the DCE-RPC proxy sections
for more details.
mapper service on port 135. This will eventually fail, and fall back to
using port 42. Refer to the RFC for DCE, and the DCE-RPC proxy sections
for more details.