Watchguard Firebox X20E, Firebox X55E, Firebox X10E, Firebox System 4.6 Reference Manual

WatchGuard® Firebox™ System Reference Guide
Firebox System 4.6
Disclaimer
Information in this guide is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of WatchGuard Technologies, Inc.
Copyright and Patent Information
Copyright © 1998 - 2001 WatchGuard Technologies, Inc. All rights reserved. WatchGuard, Firebox, LiveSecurity, and SpamScreen are either registered trademarks or trademarks of WatchGuard Technologies, Inc. in the United States and other countries. This product is covered by one or more pending patent applications. All other trademarks and tradenames are the property of their respective owners. Printed in the United States of America.
DocVer:WatchGuard Firebox System 4.6 Reference Guide - 4.6.1
Table of Contents
CHAPTER 1 Internet Protocol Reference
Internet Protocol header
Internet Protocol options
Transfer protocols
Standard ports and random ports
CHAPTER 2 Content Types
Mime content types list
CHAPTER 3 Services and Ports
Ports used by WatchGuard products
Ports used by Microsoft products
Well-known services list
CHAPTER 4 WebBlocker Content
WebBlocker categories
Searching for Blocked Sites
CHAPTER 5 Resources
Publishers
Books
White papers & requests for comments
Mailing Lists
Web Sites
Newsgroups
CHAPTER 6 Firebox Read-Only System Area
Initializing a Firebox using Hands-Free Installation
Initializing a Firebox using a serial cable
Initializing a Firebox using a modem
Initializing using remote provisioning
Managing flash disk memory
CHAPTER 7 Out-of-Band Initialization Strings
PPP initialization strings
Modem initialization strings
CHAPTER 8 Glossary
Index
CHAPTER 1 Internet Protocol Reference
Internet Protocol (IP) specifies the format of packets and the addressing scheme for sending data over the Internet. By itself, it functions like a postal system allowing you to address a package and drop it into the system. There is, however, no direct link between you and the recipient. In other words, there is no package.
Most networks combine IP with higher-level protocols like Transmission Control Protocol (TCP). Unlike simple IP, TCP/IP establishes a connection between two host servers so that they can send messages back and forth. TCP/IP provides the “packaging.”
Internet Protocol header
Internet Protocol (IP) is an Internet standard and enables the shipment of datagrams – self-contained packets of information that include their own address and delivery instructions. IP prepends a header to each datagram. The IP header contains a minimum of twelve attributes as well as additional optional attributes.
Attribute Size Description
Version 4 bits IP format number (Current version = 4)
IHL 4 bits Header length in 32-bit words (Minimum = 5)
TOS 8 bits Type of service sets routing priorities. It is generally under-utilized because few application layers can set it.
Tot_Len 16 bits Total length of packet measured in octets. It is used in reassembling fragments.
ID 16 bits Packet ID, used for reassembling fragments.
Flags 3 bits Miscellaneous flags
Frag_Off 13 bits Identifies fragment part for this packet.
TTL 8 bits Time to live. It sets the maximum time the datagram remains alive in the system.
Protocol 8 bits IP protocol number. Indicates which of TCP, UDP, ICMP, IGMP, or other Transport protocol is inside.
Check 16 bits Checksum for the IP header
Sour_Addr 32 bits Source IP address
Dest_Addr 32 bits Destination IP address
Options 24 bits IP Options (Present if IHL is 6)
IP header number list
The IP Protocol header contains an 8-bit field that identifies the protocol for the Transport layer for the datagram.
Keyword Number Protocol
0 Reserved
ICMP 1 Internet Control Message
IGMP 2 Internet Group Management
GGP 3 Gateway-to-Gateway
IP 4 IP-within-IP (encapsulation)
ST 5 Stream
TCP 6 Transmission Control Protocol
UCL 7 UCL
EGP 8 Exterior Gateway Protocol
IGP 9 Any private interior gateway
BBN-RCC-MON 10 BBN RCC Monitoring
NVP-II 11 Network Voice Protocol
PUP 12 PUP
ARGUS 13 ARGUS
EMCON 14 EMCON
XNET 15 Cross Net Debugger
CHAOS 16 Chaos
UDP 17 User Datagram Protocol
MUX 18 Multiplexing
DCN-MEAS 19 DCN Measurement Subsystems
HMP 20 Host Monitoring
PRM 21 Packet Radio Measurement
XNS-IDP 22 XEROX NS IDP
TRUNK-1 23 Trunk-1
TRUNK-2 24 Trunk-2
LEAF-1 25 Leaf-1
LEAF-2 26 Leaf-2
RDP 27 Reliable Data Protocol
IRTP 28 Internet Reliable Transaction
ISO-TP4 29 ISO Transport Protocol Class 4
NETBLT 30 Bulk Data Transfer Protocol
MFE-NSP 31 MFE Network Services Protocol
MERIT-INP 32 MERIT Internodal Protocol
SEP 33 Sequential Exchange Protocol
3PC 34 Third Party Connect Protocol
IDPR 35 Inter-Domain Policy Routing Protocol
XTP 36 XTP
DDP 37 Datagram Delivery Protocol
IDPR-CMTP 38 IDPR Control Message Transport Protocol
TP++ 39 TP++ Transport Protocol
IL 40 IL Transport Protocol
SIP 41 Simple Internet Protocol
SDRP 42 Source Demand Routing Protocol
SIP-SR 43 SIP Source Route
SIP-FRAG 44 SIP Fragment
IDRP 45 Inter-Domain Routing Protocol
RSVP 46 Reservation Protocol
GRE 47 General Routing Encapsulation
MHRP 48 Mobile Host Routing Protocol
BNA 49 BNA
ESP 50 Encapsulated Security Payload
AH 51 Authentication Header
I-NLSP 52 Integrated Net Layer Security TUBA
SWIPE 53 IP with Encryption
NHRP 54 NBMA Next Hop Resolution Protocol
55-60 Unassigned
61 Any host internal protocol
CFTP 62 CFTP
63 Any local network
SAT-EXPAK 64 SATNET and Backroom EXPAK
KRYPTOLAN 65 Kryptolan
RVD 66 MIT Remote Virtual Disk Protocol
IPPC 67 Internet Pluribus Packet Core
68 Any distributed file system
SAT-MON 69 SATNET Monitoring
VISA 70 VISA Protocol
IPCV 71 Internet Packet Core Utility
CPNX 72 Computer Protocol Network Executive
CPHB 73 Computer Protocol Heart Beat
WSN 74 Wang Span Network
PVP 75 Packet Video Protocol
BR-SAT-MON 76 Backroom SATNET Monitoring
SUN-ND 77 SUN NDPROTOCOL-Temporary
WB-MON 78 WIDEBAND Monitoring
WB-EXPAK 79 WIDEBAND EXPAK
ISO-IP 80 ISO Internet Protocol
VMTP 81 VMTP
SECURE-VMTP 82 SECURE-VMTP
VINES 83 VINES
TTP 84 TTP
NSFNET-IGP 85 NSFNET-IGP
DGP 86 Dissimilar Gateway Protocol
TCF 87 TCF
IGRP 88 IGRP
OSPFIGP 89 OSPFIGP
SPRITE-RPC 90 Sprite RPC Protocol
LARP 91 Locus Address Resolution Protocol
MTP 92 Multicast Transport Protocol
AX.25 93 AX.25 Frames
IPIP 94 IP-within-IP Encapsulation Protocol
MICP 95 Mobile Internetworking Control Protocol
SCC-SP 96 Semaphore Communications Security Protocol
ETHERIP 97 Ethernet-within-IP Encapsulation
ENCAP 98 Encapsulation Header
99 Any private encryption scheme
GMTP 100 GMTP
101-254 Unassigned
255 Reserved
Internet Protocol options
Internet Protocol options are variable-length additions to the standard IP header. IP options can either be of limited usefulness or very dangerous. There are several kinds of IP options:
Security
Control routing of IP packets that carry sensitive data. Security options are rarely supported.
Stream ID (SID)
The stream ID option is rarely supported.
Source Routing
Both the loose source route option and the strict source route option enable the source of an Internet packet to provide routing information. Source routing options can be very dangerous, because a clever attacker might use them to masquerade as another site. However, loose source routing and the traceroute facility can also help debug some obscure routing problems.
Record Route
The record route option was originally intended for use in testing the Internet. Unfortunately, record route can record only ten IP addresses. On the present Internet, typical long-haul transmissions can involve twenty or thirty hops, rendering the record route option obsolete.
Time Stamp
The time stamp option helps measure network propagation delays. This task is done more effectively, however, with higher-level time protocols or time-stamp messages.
Because most applications make it very obscure or difficult to use IP options, they are rarely used.
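The header attributes and IP options described above, as an added example that is not part of the original guide: a parser that reads the attributes under the names used in the table, verifies the Check field, and flags source-routing options. The option type numbers are taken from RFC 791 and the sample packet is constructed; neither comes from this guide.

```python
import ipaddress
import struct

# Option type octets as defined in RFC 791; these numbers are not in the guide.
OPTION_NAMES = {0x07: "Record Route", 0x44: "Time Stamp", 0x82: "Security",
                0x83: "Loose Source Routing", 0x88: "Stream ID",
                0x89: "Strict Source Routing"}
SOURCE_ROUTE_TYPES = {0x83, 0x89}


def header_checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words, complemented."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_options(raw: bytes) -> list:
    """Walk the option area and return (type, name, data) tuples."""
    options, i = [], 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0x00:            # End of Option List: the rest is padding
            break
        if kind == 0x01:            # No Operation: a single octet, no length
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("option truncated before its length octet")
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):
            raise ValueError(f"option 0x{kind:02x} has invalid length {length}")
        name = OPTION_NAMES.get(kind, "Unknown")
        options.append((kind, name, raw[i + 2:i + length]))
        i += length
    return options


def parse_header(packet: bytes) -> dict:
    """Parse and sanity-check an IPv4 header; raise ValueError if malformed."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-octet header")
    (ver_ihl, tos, tot_len, ident, flags_frag, ttl, protocol, check,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4 (Version = {version})")
    if ihl < 5:
        raise ValueError(f"IHL {ihl} is below the minimum of 5")
    header_len = ihl * 4
    if len(packet) < header_len or tot_len < header_len:
        raise ValueError("header runs past the end of the packet")
    options = parse_options(packet[20:header_len])
    return {
        "Version": version, "IHL": ihl, "TOS": tos, "Tot_Len": tot_len,
        "ID": ident, "Flags": flags_frag >> 13, "Frag_Off": flags_frag & 0x1FFF,
        "TTL": ttl, "Protocol": protocol, "Check": check,
        "Sour_Addr": str(ipaddress.IPv4Address(src)),
        "Dest_Addr": str(ipaddress.IPv4Address(dst)),
        "Options": options,
        # A valid header sums to zero when the Check field is included.
        "checksum_ok": header_checksum(packet[:header_len]) == 0,
        "source_routed": any(k in SOURCE_ROUTE_TYPES for k, _, _ in options),
    }


def build_sample() -> bytes:
    """Constructed header: TCP, IHL 7, carrying a loose source route option."""
    hop = ipaddress.IPv4Address("192.0.2.1").packed
    options = bytes([0x83, 7, 4]) + hop + b"\x00"   # type, length, pointer, hop, pad
    fields = struct.pack("!BBHHHBBH4s4s", 0x47, 0, 28, 0x1234, 0x4000, 64, 6, 0,
                         ipaddress.IPv4Address("198.51.100.7").packed,
                         ipaddress.IPv4Address("203.0.113.9").packed)
    check = header_checksum(fields + options)
    return fields[:10] + struct.pack("!H", check) + fields[12:] + options


if __name__ == "__main__":
    for name, value in parse_header(build_sample()).items():
        print(f"{name:14} {value}")
```

A filter built on this would typically drop or log any packet where source_routed is true or checksum_ok is false before looking at the Protocol number.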
Transfer protocols
The IP protocol encapsulates information contained in the transport layer. The transport layer has several protocols that specify how to transmit data between applications: for example, UDP, TCP, ICMP, and others.
UDP
User Datagram Protocol (UDP) is a connectionless, potentially unreliable datagram protocol. It trades reliability for speed and low overhead. To ensure accurate transmission, it requires that the application layer verify that packets arrive at their destination.
Characteristics of UDP include:
• Often used for services involving the transfer of small amounts of data where retransmitting a request is not a problem.
• Used for services such as time synchronization in which an occasionally lost packet will not affect continued operation. Many systems using UDP resend packets at a constant rate to inform their peers about interesting events.
• Primarily used on LANs, in particular for NFS services where its low overhead gives it a substantial performance advantage. A lack of congestion control means that using UDP for bulk data transfer over long-haul connections is not recommended.
• Supports broadcasts.
• Provides abstraction of ports.
• A connection is described by its source and destination ports and its source and destination IP addresses. In typical usage, port numbers below 1024 are reserved for well-known services (destinations), and the client side is supposed to use ports above 1023 for the source of the connection. However, this rule has many notable exceptions. In particular, NFS (port 2049) and Archie (port 1525) use server ports at numbers above 1024. Some services use the same source and destination port for server-to-server connections. Common examples are DNS (53), NTP (123), syslog (514), and RIP (520).
TCP
Transmission Control Protocol (TCP) provides reliable stream-oriented services. It trades speed and overhead for increased reliability. Like UDP, TCP provides source and destination ports that are used in a similar fashion.
TCP uses a rather complicated state machine to manage connections. There are several attribute bits that control the state of a connection. Three very important attribute bits of TCP packets are the SYN, ACK, and FIN bits. The SYN bit is set only on the first packet sent in each direction for a given connection. The ACK bit is set when the other side is acknowledging the receipt of data to the peer. The FIN bit is set when either side chooses to close the connection.
ICMP
The Internet Control Message Protocol (ICMP) is used primarily to deliver error information about other services. It is otherwise quite similar in practical operation to UDP. That is, it is connectionless and does not guarantee that packets are delivered to their destination. One dangerous ICMP packet is the ICMP redirect packet, which can change routing information on the machines that receive it.
Other protocols
The vast majority of the traffic on the Internet uses one of the three protocols mentioned above. There are some others that are of interest:
IGMP (Internet Group Multicast Protocol)
A protocol supporting multicasts used by SGI’s Dogfight game.
IPIP (IP-within-IP)
An encapsulation protocol used to build virtual networks over the Internet.
GGP (Gateway-Gateway Protocol)
A routing protocol used between autonomous systems.
GRE
A protocol used for PPTP.
ESP
An encryption protocol used for IPSec.
Standard ports and random ports
UDP and TCP encapsulate information contained within the application layer. The appropriate application processes are designated by source and destination port numbers. These port numbers, along with the source and destination IP addresses, specify a unique connection on the Internet.
For example, it is reasonable to have two telnet sessions from one host to another. However, since telnet uses a well-known service number of 23, something must distinguish these two connections. The other port in these cases will be a port that is typically greater than 1023. This alternative port designation is dynamically allocated by the operating system on the client side.
Random ports can cause a great amount of trouble if they happen to match a well-known service on a port above 1023. If some client machine assigns a random port of 2049, the connection may mysteriously fail. Similar problems can occur with the X Window and Archie services.
In practice, most operating systems cycle port numbers between 1024 and a number somewhere in the range of 2100, depending on how many TCP connections are currently open and whether a recently closed connection used a similar port number. This makes the above problem rare.
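The SYN, ACK and FIN handling from the TCP section and the port-pair identification described here, as an added example that is not part of the original guide: a small connection table keyed by both addresses and both ports. The state names, the simplified close sequence, the flag bit values (RFC 793) and the sample traffic are assumptions made for the illustration.

```python
SYN, ACK, FIN = 0x02, 0x10, 0x01      # TCP flag bit values (RFC 793)
# Services the guide names as listening above 1023.
HIGH_SERVICES = {2049: "NFS", 1525: "Archie"}


def conn_key(src, sport, dst, dport):
    """Direction-independent key built from both addresses and both ports."""
    a, b = (src, sport), (dst, dport)
    return (a, b) if a <= b else (b, a)


class Tracker:
    """Simplified stateful view of TCP connections (constructed example)."""

    def __init__(self):
        self.table = {}       # conn_key -> {"client", "state", "fin_from"}
        self.warnings = []

    def handle(self, src, sport, dst, dport, flags):
        sender = (src, sport)
        key = conn_key(src, sport, dst, dport)
        conn = self.table.get(key)
        if conn is None:
            # Only the first packet of a connection (SYN without ACK)
            # may create a table entry.
            if flags & SYN and not flags & ACK:
                self.table[key] = {"client": sender, "state": "SYN_SENT",
                                   "fin_from": set()}
                if sport in HIGH_SERVICES:
                    self.warnings.append(
                        f"client port {sport} collides with {HIGH_SERVICES[sport]}")
                return "new"
            return "reject"
        from_client = sender == conn["client"]
        state = conn["state"]
        if state == "SYN_SENT" and not from_client and flags & SYN and flags & ACK:
            conn["state"] = "SYN_RCVD"          # first packet in the other direction
        elif state == "SYN_RCVD" and from_client and flags & ACK and not flags & SYN:
            conn["state"] = "ESTABLISHED"
        elif state == "ESTABLISHED" and flags & ACK and not flags & SYN:
            if flags & FIN:
                conn["fin_from"].add(sender)
                if len(conn["fin_from"]) == 2:  # both sides have closed
                    conn["state"] = "LAST_ACK"
        elif state == "LAST_ACK" and flags & ACK and not flags & (SYN | FIN):
            del self.table[key]
            return "closed"
        else:
            return "reject"
        return conn["state"].lower()


def run_sample():
    """Constructed traffic: two telnet sessions between the same two hosts."""
    c, s = "192.0.2.10", "192.0.2.20"
    tracker = Tracker()
    packets = [
        (c, 1030, s, 23, SYN), (s, 23, c, 1030, SYN | ACK), (c, 1030, s, 23, ACK),
        (c, 1031, s, 23, SYN),            # second session, different client port
        (c, 1032, s, 23, ACK),            # no SYN was ever seen for this tuple
        (c, 1030, s, 23, FIN | ACK), (s, 23, c, 1030, FIN | ACK),
        (c, 1030, s, 23, ACK),
        (c, 2049, s, 23, SYN),            # random client port equal to NFS
    ]
    verdicts = [tracker.handle(*p) for p in packets]
    return verdicts, tracker


if __name__ == "__main__":
    verdicts, tracker = run_sample()
    print(verdicts)
    print(tracker.warnings)
```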
CHAPTER 2 Content Types
A content-type header is used by applications to determine what kind of data they are receiving, thus allowing them to make decisions about how it should be handled. It allows clients to correctly identify and display video clips, images, sound, or non-HTML data. People are probably most familiar with the MIME content-types sent in e-mail.
The WatchGuard Proxied HTTP service uses content-type headers to determine whether to allow or deny an HTTP transaction. Use the Policy Manager to configure the Proxied HTTP service to allow or deny content-types. Content types are also used in SMTP and are configurable in the SMTP proxy. This chapter contains a list of the more commonly used MIME content-types. The MIME content-types are written as follows:
type/sub-type
Wildcards may be used to select all sub-types within a type, thereby denying all or allowing all of that MIME type. For example, to allow all content-types that are text (including text/enriched, text/plain, and others), use the content-type text/*.
New, registered MIME content-types appear regularly. WatchGuard recommends frequent checking of an online reference for the most current list. One source of current MIME types is
ftp://ftp.isi.edu/in-notes/iana/assignments/media-types
In addition, WatchGuard encourages you to e-mail requests for inclusion of new content types in our master list to manual@watchguard.com
Mime content types list
application/*
application/activemessage Active message
application/andrew-inset AFS EZ inset
application/applefile Generic Macintosh files
application/astound Astound Web Player
application/atomicmail Atomic Mail
application/cals-1840 CALS (RFC 1895)
application/commonground
application/cybercash
application/dca-rft
application/dec-dx
application/eshop
application/hyperstudio
application/iges
application/mac-binhex40
application/macwriteii
application/marc
application/mathematica
application/ms-excel Excel spreadsheet
application/msword Word document
application/news-message-id
application/news-transmission
application/octet-stream
application/oda
application/pdf
application/pgp-encrypted PGP encrypted (RFC 2015)
application/pgp-keys PGP keys (RFC 2015)
application/pgp-signature PGP signature (RFC 2015)
application/pkcs10
application/pkcs7-mime
application/pkcs7-signature
application/postscript PostScript
application/prs.alvestrand.titrax+
application/prs.cww
application/prs.nprend
application/remote-printing
application/riscos
application/rtf Microsoft Rich Text Format
application/set-payment SET payment
application/set-payment-initiation
application/set-registration
application/set-registration-initiation
application/sgml SGML application (RFC 1874)
application/sgml-open-catalog
application/slate
application/vis5d Vis5D 5-dimensional data
application/vnd.3M.Post-it-Notes
application/vnd.FloGraphIt
application/vnd.acucobol
application/vnd.acucobol~
application/vnd.anser-web-certificate-issue-initiation
application/vnd.anser-web-funds-transfer-initiation
application/vnd.audiograph
application/vnd.businessobjects
application/vnd.claymore
application/vnd.commerce-battelle
application/vnd.commonspace
application/vnd.cosmocaller
application/vnd.cybank
application/vnd.dna
application/vnd.dxr
application/vnd.ecdis-update
application/vnd.ecowin.chart
application/vnd.ecowin.filerequest
application/vnd.ecowin.fileupdate
application/vnd.ecowin.series
application/vnd.ecowin.seriesrequest
application/vnd.ecowin.seriesupdate
application/vnd.enliven
application/vnd.epson.quickanime
application/vnd.epson.salt
application/vnd.fdf
application/vnd.ffsns
application/vnd.framemaker
application/vnd.fujitsu.oasys
application/vnd.fujitsu.oasys2
application/vnd.fujitsu.oasys3
application/vnd.fujitsu.oasysgp
application/vnd.fujitsu.oasysprs
application/vnd.fujixerox.docuworks
application/vnd.fut-misnet
application/vnd.hp-HPGL
application/vnd.hp-PCL
application/vnd.hp-PCLXL
application/vnd.hp-hps
application/vnd.ibm.MiniPay
application/vnd.ibm.modcap
application/vnd.intercon.formnet
application/vnd.intertrust.digibo+
application/vnd.intertrust.nncp
application/vnd.intu.qbo
application/vnd.is-xpr
application/vnd.japannet-directory-service
application/vnd.japannet-jpnstore-wakeup
application/vnd.japannet-payment-wakeup
application/vnd.japannet-registration
application/vnd.japannet-registration-wakeup
application/vnd.japannet-setstore-wakeup
application/vnd.japannet-verification
application/vnd.japannet-verification-wakeup
application/vnd.koan
application/vnd.lotus-1-2-3
application/vnd.lotus-approach
application/vnd.lotus-freelance
application/vnd.lotus-organizer
application/vnd.lotus-screencam
application/vnd.lotus-wordpro
application/vnd.meridian-slingshot
application/vnd.mif
application/vnd.minisoft-hp3000-save
application/vnd.mitsubishi.misty-guard.trustweb
application/vnd.ms-artgalry
application/vnd.ms-asf
application/vnd.ms-powerpoint
application/vnd.ms-project
application/vnd.ms-tnef
application/vnd.ms-works
application/vnd.music-niff
application/vnd.musician
application/vnd.netfpx
application/vnd.noblenet-directory
application/vnd.noblenet-sealer
application/vnd.noblenet-web
application/vnd.novadigm.EDM
application/vnd.novadigm.EDX
application/vnd.novadigm.EXT
application/vnd.osa.netdeploy
application/vnd.powerbuilder6
application/vnd.powerbuilder6-s
application/vnd.powerbuilder6~
application/vnd.publishare-delta-tree
application/vnd.rapid
application/vnd.seemail
application/vnd.shana.informed.formdata
application/vnd.shana.informed.formtemp
application/vnd.shana.informed.interchange
application/vnd.shana.informed.package
application/vnd.street-stream
application/vnd.svd
application/vnd.swiftview-ics
application/vnd.truedoc
application/vnd.uplanet.alert
application/vnd.uplanet.alert-wbxml
application/vnd.uplanet.bearer-choi-wbxml
application/vnd.uplanet.bearer-choice
application/vnd.uplanet.cacheop
application/vnd.uplanet.cacheop-wbxml
application/vnd.uplanet.channel
application/vnd.uplanet.channel-wbxml
application/vnd.uplanet.list
application/vnd.uplanet.list-wbxml
application/vnd.uplanet.listcmd
application/vnd.uplanet.listcmd-wbxml
application/vnd.uplanet.signal
application/vnd.visio
application/vnd.webturbo
application/vnd.wrq-hp3000-labelled
application/vnd.wt.stf
application/vnd.xara
application/vnd.yellowriver-custom-menu
application/wita Wang Info. Transfer Format (Wang)
application/wordperfect5.1 WordPerfect 5.1 document
application/x-alpha-form Specialized data entry forms
application/x-asap ASAP WordPower
application/x-bcpio Old CPIO format
application/x-chat Interactive chat (Ichat)
application/x-cpio POSIX CPIO format
application/x-csh UNIX c-shell program
application/x-director Macromedia Shockwave
application/x-dvi TeX dvi format
application/x-framemaker FrameMaker Documents (Frame)
application/x-gtar Gnu tar format
application/x-koan Koan music data (SSeyo)
application/x-latex LaTeX document
application/x-mif Maker Interchange Format (FrameMaker)
application/x-net-install Net Install (20/20 Software)
application/x-ns-proxy-autoconfig Autoconfiguration (Netscape)
application/x-oleobject OLE Object
application/x-olescript OLE script e.g., Visual Basic
application/x-p3d Play3D 3-D scene data (Play3D)
application/x-pcn Pointcast news data
application/x-pdf Adobe Acrobat PDF
application/x-perl Perl program
application/x-pn-realaudio Realaudio (Progressive Networks)
application/x-pointplus PointPlus presentation data
application/x-rad-powermedia PowerMedia multimedia
application/x-sh UNIX bourne shell program
application/x-shar UNIX sh shell archive
application/x-sprite Sizzler real-time video/animation
application/x-stuffit Macintosh Stuffit Archive
application/x-tar 4.3BSD TAR format
application/x-tcl Tcl (Tool Control Language) program
application/x-tex TeX/LaTeX document
application/x-texinfo GNU TexInfo document
application/x-troff Troff document
application/x-troff-man Troff document with MAN macros
application/x-troff-me Troff document with ME macros
application/x-troff-ms Troff document with MS macros
application/x-ustar POSIX tar format
application/x-wais-source WAIS sources
application/x-webbasic Visual Basic objects
application/x400-bp X.400 mail message body part (RFC 1494)
application/xml
application/zip DOS/PC - Pkzipped archive
audio/*
audio/32kadpcm
audio/basic
audio/basic Basic audio
audio/echospeech Compressed speech (Echo Speech Corp.)
audio/vnd.qcelp
audio/voxware Toolvox speech audio (Voxware)
audio/x-aiff Macintosh audio format (Apple)
audio/x-mpeg MPEG audio
audio/x-mpeg-2 MPEG-2 audio
audio/x-wav Microsoft audio
chemical/* (several types)
drawing/*
drawing/x-dwf Autocad WHIP vector drawings
graphics/*
graphics/x-inventor Open Inventor 3-D scenes
image/*
image/cgm Computer Graphics Metafile
image/fif Fractal Image Format
image/g3fax Group III Fax (RFC 1494)
image/gif Graphic Interchange Format (Compuserve)
image/ief Image Exchange Format (RFC 1314)
image/jpeg JPEG image file
image/naplps North Am. Presentation Layer Protocol
image/png Portable Network Graphics format
image/prs.btif
image/tiff TIFF image file
image/vnd.dwg
image/vnd.dxf
image/vnd.fastbidsheet
image/vnd.fpx
image/vnd.net-fpx
image/vnd.svf
image/vnd.xiff
image/wavelet Wavelet-compressed
image/x-cals CALS Type 1 or 2
image/x-cmu-raster CMU raster
image/x-cmx CMX vector image
image/x-dwg AutoCad Drawing
image/x-dxf AutoCad DXF file
image/x-mgx-dsf QuickSilver active image
image/x-ms-bmp Microsoft Windows bitmap
image/x-photo-cd Kodak Photo-CD
image/x-pict Macintosh PICT format
image/x-png Portable Network Graphics format
image/x-portable-anymap PNM (UNIX PPM package)
image/x-portable-bitmap PBM (UNIX PPM package)
image/x-portable-graymap PGM (UNIX PPM package)
image/x-portable-pixmap PPM (UNIX PPM package)
image/x-rgb RGB
image/x-svf Simple Vector Format
image/x-xbitmap X-Windows bitmap (b/w)
image/x-xwindowdump X Windowdump format
image/xpm X-Windows pixelmap (8-bit color)
message/*
message/delivery-status
message/disposition-notification
message/external-body
message/http
message/news
message/partial
message/rfc822
model/*
model/iges cad files
model/mesh see RFC 2077
model/vnd.dwf cad files
model/vrml VRML models
multipart/*
multipart/alternative
multipart/appledouble
multipart/byteranges
multipart/digest
multipart/encrypted
multipart/form-data
multipart/header-set
multipart/mixed
multipart/parallel
multipart/related
multipart/report
multipart/signed
multipart/voice-message
qfn/updatedir Quicken Financial News
qfn/stockqt Quicken Financial News
qfn/datadld Quicken Financial News
text/*
text/css Cascading Stylesheets
text/enriched Enriched text markup (RFC 1896)
text/html HTML text data (RFC 1866)
text/javascript Javascript program
text/plain Plain text: documents; program listings
text/richtext richtext (RFC 1521)
text/sgml SGML documents (RFC 1874)
text/tab-separated-values Tab-separated values (tabular)
text/uri-list lists of URLs
text/vbscript VBScript program
text/vnd.abc
text/vnd.fmi.flexstor
text/vnd.in3d.3dml
text/vnd.in3d.spot
text/vnd.latex-z
text/x-setext Structure enhanced text
text/x-speech Speech synthesis data
text/x-speech Speech synthesis data (MVP Solutions)
text/xml
video/*
video/mpeg MPEG video
video/mpeg-2 MPEG-2 video
video/quicktime Macintosh Quicktime
video/vdo VDOlive streaming video (VDOnet)
video/vivo Vivo streaming video (Vivo software)
video/vnd.motorola.video
video/vnd.motorola.videop
video/vnd.vivo
video/x-ms-asf Microsoft NetShow (streaming audio and video)
video/x-msvideo Microsoft video
video/x-sgi-movie SGI Movie format
workbook/*
workbook/formulaone Spreadsheets (Visual Components)
x-conference/x-cooltalk Netscape Cooltalk chat data (Netscape)
x-form/x-openscape OpenScape OLE/OCX object
x-model/x-mesh Computational meshes for numerical simulations
x-music/x-midi MIDI music data
x-script/x-wfxclient Client-server objects (Wayfarer)
x-world/*
x-world/x-3dmf QuickDraw3-D scene data
x-world/x-svr Viscape Interactive 3-D world data
x-world/x-vream WIRL - VRML data (VREAM)
x-world/x-vrml VRML data file
x-world/x-wvr WebActive 3d data
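The allow or deny decision on content types described at the start of this chapter, including the type/* wildcard form, as an added example that is not part of the original guide and not WatchGuard's implementation. The evaluation order (deny entries first, then allow entries, then deny by default), the name grammar (RFC 6838 restricted names) and the sample header values are assumptions; the policy entries are taken from the list above.

```python
import re

# Type and sub-type characters follow RFC 6838 restricted names; the guide
# does not define a grammar, so this is an assumption.
NAME = r"[a-z0-9][a-z0-9!#$&^_.+-]*"
MEDIA_TYPE = re.compile(rf"({NAME})/({NAME})")

# Policy entries chosen from the guide's content types list.
ALLOW = ["text/*", "image/gif", "image/jpeg", "application/pdf"]
DENY = ["text/vbscript", "text/javascript", "application/x-oleobject"]


def normalize(header_value):
    """Return (type, sub-type) in lower case, or None if the value is malformed.

    Parameters such as "; charset=..." are dropped before matching, and the
    comparison is case-insensitive, so "TEXT/HTML; charset=x" is text/html.
    """
    essence = header_value.split(";", 1)[0].strip().lower()
    match = MEDIA_TYPE.fullmatch(essence)
    return match.groups() if match else None


def pattern_matches(pattern, media):
    """Match one configured entry, written as type/sub-type or type/*."""
    p_type, _, p_sub = pattern.lower().partition("/")
    return p_type == media[0] and p_sub in ("*", media[1])


def decide(header_value, allow=ALLOW, deny=DENY):
    """Return the verdict for one received Content-Type header value."""
    media = normalize(header_value)
    if media is None:
        return "deny: malformed"       # never guess at an unparseable value
    if any(pattern_matches(p, media) for p in deny):
        return "deny: listed"          # a specific deny beats a wildcard allow
    if any(pattern_matches(p, media) for p in allow):
        return "allow"
    return "deny: not listed"


# Constructed header values, not captured traffic.
SAMPLES = [
    "text/html; charset=iso-8859-1",
    "TEXT/VBScript",
    "image/png",
    "application/x-oleobject",
    "text/",
    "text/*",
    "text/plain\r\nX-Injected: 1",
]

if __name__ == "__main__":
    for value in SAMPLES:
        print(f"{value!r:40} {decide(value)}")
```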
CHAPTER 3 Services and Ports
Well-known services are a combination of port number and transport protocol for specific, standard applications. This chapter contains several tables that list service names, port number, protocol and description.
Ports used by WatchGuard products
The WatchGuard Firebox, Management Station, and LiveSecurity Event Processor (LSEP) use several ports during normal functioning.
Port # Protocol Purpose
4100 TCP Authentication applet
4101 TCP LSEP and Management Station
4107 TCP LSEP and Firebox
Port # Protocol Used By Purpose
4103 TCP dbfetch Connect to webblocker.sealabs.com to retrieve WebBlocker database
4102 TCP Firebox Used only in LSS 3.0x or earlier for logs
Ports used by Microsoft products
Port # Protocol Purpose
137, 138 UDP Browsing
67, 68 UDP DHCP Lease
135 TCP DHCP Manager
138 / 139 UDP / TCP Directory Replication
135 TCP DNS Administration
53 UDP DNS Resolution
139 TCP Event Viewer
139 TCP File Sharing
137, 138 / 139 UDP / TCP Logon Sequence
138 UDP NetLogon
137, 138 / 139 UDP / TCP Pass Through Validation
139 TCP Performance Monitor
1723 / 47 TCP / IP PPTP
137, 138 / 139 UDP / TCP Printing
139 TCP Registry Editor
139 TCP Server Manager
137, 138 / 139 UDP / TCP Trusts
139 TCP User Manager
139 TCP WinNT Diagnostics
137, 138 / 139 UDP / TCP WinNT Secure Channel
42 TCP WINS Replication
135 TCP WINS Manager
137 TCP WINS Registration
Port # Protocol Purpose
135 TCP Client/Server Communications
135 TCP Exchange Administrator
143 TCP IMAP
993 TCP IMAP (SSL)
389 TCP LDAP
636 TCP LDAP (SSL)