Watchguard Firebox X6500E, Firebox X55E, Firebox X10E, Firebox X Peak e-Series, Firebox X Core e-Series Reference Manual

Reference Guide
Firebox X Core/Peak e-Series
with WatchGuard System Manager/Fireware v10.0
Firebox X Edge e-Series v10.0
Revised: 2/1/2008
Notice to Users
Information in this guide is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of WatchGuard Technologies, Inc.
Copyright, Trademark, and Patent Information
Copyright© 1998 - 2008 WatchGuard Technologies, Inc. All rights reserved.
Complete copyright, trademark, patent, and licensing information can be found in Chapter 7 of this Reference Guide. A copy of this book is automatically installed into a subfolder of the installation directory called Documentation. You can also find it online at:
http://www.watchguard.com/help/documentation/
All trademarks or trade names mentioned herein, if any, are the property of their respective owners.
ABOUT WATCHGUARD
Since 1996, WatchGuard Technologies has provided reliable, easy to manage security appliances to hundreds of thousands of businesses worldwide. Our Firebox X family of unified threat management (UTM) solutions provides the best combination of strong, reliable, multi-layered security with the best ease of use in its class. All products are backed by LiveSecurity® Service, a ground-breaking support and maintenance program. WatchGuard is a privately owned company, headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. For more information, please call 206.613.6600 or visit www.watchguard.com
505 Fifth Avenue South Suite 500 Seattle, WA 98104
SUPPORT
www.watchguard.com/support U.S. and Canada +877.232.3531 All Other Countries +1.206.521.3575
SALES
U.S. and Canada +1.800.734.9905 All Other Countries +1.206.613.0895
WatchGuard System Manager
Contents
CHAPTER 1
Internet Protocol Reference
Internet Protocol Header
IP header number list
Internet Protocol Options
Transfer Protocols
UDP
TCP
ICMP
Other protocols
Standard Ports and Random Ports
CHAPTER 2
MIME Content Types
CHAPTER 3
Services and Ports
Ports Used by WSM and Fireware
Ports Used by Microsoft Products
Well-Known Services List
CHAPTER 4
WebBlocker Content
Searching for Blocked Sites
WebBlocker Categories
CHAPTER 5
Types of Policies in Fireware
Packet Filter Policies
Any
Archie
auth
BGP
Citrix
Clarent-Command
Clarent-Gateway
CU-SeeMe
DHCP-Server or DHCP-Client
DNS
Entrust
finger
FTP
Gopher
GRE
HBCI
HTTP
HTTPS
IDENT
IGMP
IMAP
IPSec
IRC
Intel-Video-Phone
Kerberos-v4 and Kerberos-v5
L2TP
LDAP
LDAP-SSL
Lotus Notes
MS-SQL-Monitor
MS-SQL-Server
MS-Win-Media
NetMeeting
NFS
NNTP
NTP
OSPF
pcAnywhere
Ping
POP2 and POP3
PPTP
RADIUS and RADIUS-RFC
RADIUS-Accounting and RADIUS-Acct-RFC
RDP
RIP
RSH
RealPlayerG2
Rlogin
SecurID
SMB (Windows Networking)
SMTP
SNMP
SNMP-Trap
SQL*Net
SQL-Server
SSH
SSL-VPN
SunRPC
Syslog
TACACS
TACACS+
TCP
TCP-UDP
Telnet
Timbuktu
Time
Traceroute
UDP
UUCP
WAIS
WinFrame
WG-Auth
WG-Firebox-Mgmt
WG-Logging
WG-Mgmt-Server
WG-SmallOffice-Mgmt
WG-WebBlocker
WHOIS
X11
Proxy Policies
DNS-proxy
FTP-proxy
H323-proxy
HTTP-proxy
HTTPS-proxy
POP3-proxy
SIP-proxy
SMTP-proxy
TCP-UDP-proxy
TFTP-proxy
CHAPTER 6
Resources
Publishers
Books
Non-Fiction
Fiction
Mailing Lists
General IT and Security Web Sites
White Hat Web Sites
Grey Hat Sites
Other Web Sites
Dictionaries of Computer Terminology
RSS Feeds
Security Feeds
IT Related Feeds
Fun Feeds
Web Logs (Blogs)
CHAPTER 7
Copyright, Patent, Trademark, and Licensing Information
Copyright Information
Patents
Trademarks
Licensing
Apache License (1.1)
Apache License (2.0)
GNU General Public License (GPL)
GNU Lesser General Public License (LGPL)
GNU Library General Public License (Library GPL)
Java Platform, Standard Edition License
bzip2
BusyBox
CGIC
ctengine
curl
dhcp
dmalloc
ElementTree
expat and libexpat
free-extractor
freeradius-client
iputils
iText
javasqlite
Java 2D API Samples
JAXB
JDom
junit
jython
kazlib
libarchive
libcurl
libpcap
lightppd
Linux
Lua
madwifi
net-SNMP
NumPy
OpenLDAP
OpenNTPD
OpenSSL
OpenVPN
ossp_mm
PCRE
PPP
PostgreSQL Database Management System
py lib
pysqlite
Python
redboot
sasl
tinyxpath
traceroute
uClibc
wvstreams
xpp3
zlib
CHAPTER 1
Internet Protocol Reference
Internet Protocol (IP) sets the format of packets and the address pattern for sending data through the Internet. It operates as a postal system, and allows you to address a package and drop it into the system. But, there is no direct link between you and the recipient. In other words, there is no package.
Most networks mix IP with higher level protocols such as Transmission Control Protocol (TCP). TCP/IP makes a connection between two host servers. Then, they can send messages to each other. TCP/IP supplies the “packaging.”
Internet Protocol Header
Internet Protocol (IP) is an Internet standard that enables the sending of datagrams — packets of information that include an address and instructions on how to send the datagram to its destination. IP prepends a header to each datagram. The IP header contains a minimum of 12 properties, and other optional properties.
| Property | Size | Description |
|---|---|---|
| Version | 4 bits | IP format number (Current version = 4) |
| IHL | 4 bits | Header length in 32-bit words (Minimum = 5) |
| TOS | 8 bits | Type of service sets routing priorities. It is usually not used because not many application layers can set it. |
| Tot_Len | 16 bits | Total length of packet measured in octets. It is used to assemble fragments. |
| ID | 16 bits | Packet ID, used to assemble fragments. |
| Flags | 3 bits | Miscellaneous flags |
| Frag_Off | 13 bits | Identifies fragment part for this packet. |
| TTL | 8 bits | Time to live. It sets the maximum time the datagram remains alive in the system. |
| Protocol | 8 bits | IP protocol number. Indicates which of TCP, UDP, ICMP, IGMP, or other Transport protocol is inside. |
| Check | 16 bits | Checksum for the IP header |
| Sour_Addr | 32 bits | Source IP address |
| Dest_Addr | 32 bits | Destination IP address |
| Options | 24 bits | IP Options (Present if IHL is 6) |
IP header number list
The IP Protocol header contains an 8-bit field that identifies the protocol for the transport layer for the datagram.
| Keyword | Number | Protocol |
|---|---|---|
| | 0 | Reserved |
| ICMP | 1 | Internet Control Message |
| IGMP | 2 | Internet Group Management |
| GGP | 3 | Gateway-to-Gateway |
| IP | 4 | IP-within-IP (encapsulation) |
| ST | 5 | Stream |
| TCP | 6 | Transmission Control Protocol |
| UCL | 7 | UCL |
| EGP | 8 | Exterior Gateway Protocol |
| IGP | 9 | Any private interior gateway |
| BBN-RCC-MON | 10 | BBN RCC Monitoring |
| NVP-II | 11 | Network Voice Protocol |
| PUP | 12 | PUP |
| ARGUS | 13 | ARGUS |
| EMCON | 14 | EMCON |
| XNET | 15 | Cross Net Debugger |
| CHAOS | 16 | Chaos |
| UDP | 17 | User Datagram Protocol |
| MUX | 18 | Multiplexing |
| DCN-MEAS | 19 | DCN Measurement Subsystems |
| HMP | 20 | Host Monitoring |
| PRM | 21 | Packet Radio Measurement |
| XNS-IDP | 22 | XEROX NS IDP |
| TRUNK-1 | 23 | Trunk-1 |
| TRUNK-2 | 24 | Trunk-2 |
| LEAF-1 | 25 | Leaf-1 |
| LEAF-2 | 26 | Leaf-2 |
| RDP | 27 | Reliable Data Protocol |
| IRTP | 28 | Internet Reliable Transaction |
| ISO-TP4 | 29 | ISO Transport Protocol Class 4 |
| NETBLT | 30 | Bulk Data Transfer Protocol |
| MFE-NSP | 31 | MFE Network Services Protocol |
| MERIT-INP | 32 | MERIT Internodal Protocol |
| SEP | 33 | Sequential Exchange Protocol |
| 3PC | 34 | Third Party Connect Protocol |
| IDPR | 35 | Inter-Domain Policy Routing Protocol |
| XTP | 36 | XTP |
| DDP | 37 | Datagram Delivery Protocol |
| IDPR-CMTP | 38 | IDPR Control Message Transport Protocol |
| TP++ | 39 | TP++ Transport Protocol |
| IL | 40 | IL Transport Protocol |
| SIP | 41 | Simple Internet Protocol |
| SDRP | 42 | Source Demand Routing Protocol |
| SIP-SR | 43 | SIP Source Route |
| SIP-FRAG | 44 | SIP Fragment |
| IDRP | 45 | Inter-Domain Routing Protocol |
| RSVP | 46 | Reservation Protocol |
| GRE | 47 | General Routing Encapsulation |
| MHRP | 48 | Mobile Host Routing Protocol |
| BNA | 49 | BNA |
| ESP | 50 | Encapsulated Security Payload |
| AH | 51 | Authentication Header |
| I-NLSP | 52 | Integrated Net Layer Security TUBA |
| SWIPE | 53 | IP with Encryption |
| NHRP | 54 | NBMA Next Hop Resolution Protocol |
| | 55-60 | Unassigned |
| | 61 | Any host internal protocol |
| CFTP | 62 | CFTP |
| | 63 | Any local network |
| SAT-EXPAK | 64 | SATNET and Backroom EXPAK |
| KRYPTOLAN | 65 | Kryptolan |
| RVD | 66 | MIT Remote Virtual Disk Protocol |
| IPPC | 67 | Internet Pluribus Packet Core |
| | 68 | Any distributed file system |
| SAT-MON | 69 | SATNET Monitoring |
| VISA | 70 | VISA Protocol |
| IPCV | 71 | Internet Packet Core Utility |
| CPNX | 72 | Computer Protocol Network Executive |
| CPHB | 73 | Computer Protocol Heart Beat |
| WSN | 74 | Wang Span Network |
| PVP | 75 | Packet Video Protocol |
| BR-SAT-MON | 76 | Backroom SATNET Monitoring |
| SUN-ND | 77 | SUN ND PROTOCOL-Temporary |
| WB-MON | 78 | WIDEBAND Monitoring |
| WB-EXPAK | 79 | WIDEBAND EXPAK |
| ISO-IP | 80 | ISO Internet Protocol |
| VMTP | 81 | VMTP |
| SECURE-VMTP | 82 | SECURE-VMTP |
| VINES | 83 | VINES |
| TTP | 84 | TTP |
| NSFNET-IGP | 85 | NSFNET-IGP |
| DGP | 86 | Dissimilar Gateway Protocol |
| TCF | 87 | TCF |
| IGRP | 88 | IGRP |
| OSPFIGP | 89 | OSPFIGP |
| SPRITE-RPC | 90 | Sprite RPC Protocol |
| LARP | 91 | Locus Address Resolution Protocol |
| MTP | 92 | Multicast Transport Protocol |
| AX.25 | 93 | AX.25 Frames |
| IPIP | 94 | IP-within-IP Encapsulation Protocol |
| MICP | 95 | Mobile Internetworking Control Protocol |
| SCC-SP | 96 | Semaphore Communications Security Protocol |
| ETHERIP | 97 | Ethernet-within-IP Encapsulation |
| ENCAP | 98 | Encapsulation Header |
| | 99 | Any private encryption scheme |
| GMTP | 100 | GMTP |
| | 101-254 | Unassigned |
| | 255 | Reserved |
Internet Protocol Options
Internet Protocol (IP) options are additions to the standard IP header that can be of different lengths. Enabling IP options can be dangerous. Hackers can use them to create routing that helps them get access to your network. Because most software applications make it very difficult to use IP options, they are not frequently used.
There are different types of IP options:
Security
These options control the routing of IP packets that transmit sensitive data. Security options are not frequently supported.
Stream ID (SID)
The stream ID option is not frequently supported.
Source Routing
The loose source route option and the strict source route option enable the source of an Internet packet to give routing information. Source routing options can be very dangerous, because an attacker could use them to masquerade as a different user. But the loose source route option and the traceroute tool can also help debug some unusual routing problems.
Record Route
The record route option was first used to do tests on the Internet. But, record route can record only ten IP addresses. On the current Internet, a typical connection can include 20 or 30 different routers, making the record route option out of date.
Time Stamp
The time stamp option measures the time for a packet to make one full cycle (source --> destination --> source). Higher level time protocols or time stamp messages do this task better than the time stamp option.
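The header fields and option types described above can be checked on a captured packet. The following Python sketch is an added example, not part of the WatchGuard guide or of Fireware: it decodes the header into the property names used in the table, verifies the header checksum, and reports any source routing option. The option type numbers come from RFC 791; the function names, the general handling of any IHL above 5, and the sample packet (built from documentation addresses) are assumptions made for illustration.

```python
import socket
import struct

# IP option type numbers from RFC 791, named as in the list above.
OPTION_NAMES = {7: "Record Route", 68: "Time Stamp", 130: "Security",
                131: "Loose Source Route", 136: "Stream ID",
                137: "Strict Source Route"}
SOURCE_ROUTE_TYPES = {131, 137}
# A few rows of the protocol number list in this chapter.
PROTOCOLS = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP", 47: "GRE", 50: "ESP"}


def header_checksum(header: bytes) -> int:
    """One's-complement sum of the 16-bit header words; 0 for a valid header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the header into the property names used in the table above."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte header")
    (ver_ihl, tos, tot_len, ident, flags_frag, ttl, proto, check,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4 or ihl < 5 or len(packet) < ihl * 4:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "Version": version, "IHL": ihl, "TOS": tos, "Tot_Len": tot_len,
        "ID": ident, "Flags": flags_frag >> 13, "Frag_Off": flags_frag & 0x1FFF,
        "TTL": ttl, "Protocol": proto, "Check": check,
        "Sour_Addr": socket.inet_ntoa(src), "Dest_Addr": socket.inet_ntoa(dst),
        "Options": packet[20:ihl * 4],   # empty when IHL is 5
    }


def walk_options(raw: bytes) -> list:
    """Split the options area into (type, data) pairs, rejecting bad lengths."""
    options, i = [], 0
    while i < len(raw):
        opt_type = raw[i]
        if opt_type == 0:            # End of Option List
            break
        if opt_type == 1:            # No Operation (padding byte)
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("option truncated before its length byte")
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):
            raise ValueError("option length is inconsistent with IHL")
        options.append((opt_type, raw[i + 2:i + length]))
        i += length
    return options


def inspect(packet: bytes) -> dict:
    """Summarise what a filter would want to know about one packet."""
    hdr = parse_ipv4_header(packet)
    options = walk_options(hdr["Options"])
    route = []
    for opt_type, data in options:
        if opt_type in SOURCE_ROUTE_TYPES:
            # data[0] is the pointer; the rest is a list of 4-byte addresses.
            hops = data[1:]
            route = [socket.inet_ntoa(hops[j:j + 4])
                     for j in range(0, len(hops) - 3, 4)]
    return {
        "protocol": PROTOCOLS.get(hdr["Protocol"], str(hdr["Protocol"])),
        "checksum_ok": header_checksum(packet[:hdr["IHL"] * 4]) == 0,
        "options": [OPTION_NAMES.get(t, "type %d" % t) for t, _ in options],
        "source_routed": any(t in SOURCE_ROUTE_TYPES for t, _ in options),
        "route": route,
    }


def build_sample(options: bytes = b"") -> bytes:
    """Constructed test header (never sent): TCP, TTL 64, documentation addresses."""
    ihl = 5 + len(options) // 4
    hdr = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4, 0x1234, 0,
                      64, 6, 0, socket.inet_aton("192.0.2.10"),
                      socket.inet_aton("198.51.100.20")) + options
    return hdr[:10] + struct.pack("!H", header_checksum(hdr)) + hdr[12:]


# Constructed loose source route option: type 131, length 11, pointer 4,
# two hop addresses, then one End of Option List byte as padding.
SAMPLE_LSRR = (bytes([131, 11, 4]) + socket.inet_aton("203.0.113.1")
               + socket.inet_aton("203.0.113.2") + b"\x00")

if __name__ == "__main__":
    print(inspect(build_sample()))
    print(inspect(build_sample(SAMPLE_LSRR)))
```
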
Transfer Protocols
The Internet Protocol (IP) includes information kept in the transport layer. The transport layer has different protocols that tell how to transmit data between software applications: for example, UDP, TCP, ICMP, and others.
UDP
User Datagram Protocol (UDP) is a datagram protocol that does not use connections. It is a very fast protocol, and it does not use much bandwidth or CPU. But, you cannot trust that datagrams will get to their destination. A software application that uses UDP must make sure that the full message gets to its destination in the correct sequence.
Characteristics of UDP include:
- Frequently used for services that include the exchange of small quantities of data where sending a datagram more than one time is not a problem.
- Used for services such as time synchronization in which a missing packet does not have an effect on continued operation. Many systems using UDP send packets again at a constant rate to tell other systems about unusual events.
- Frequently used on LANs. Because of its low system and bandwidth requirements, it gives a large performance advantage to Network File System (NFS) services users. Network File System is a popular TCP/IP service for supplying shared file systems over a network.
- Supports broadcasts.
- Gives abstraction of ports. A connection is made of its source and destination ports and its source and destination IP addresses. In typical use, port numbers less than 1024 are saved for well-known services (destinations). The client side can use ports higher than 1023 for the source of the connection. But, this rule has many exceptions: NFS (port 2049) and Archie (port 1525) use server ports at numbers higher than 1024. Some services use the same source and destination port for server to server connections. Examples include DNS (53), NTP (123), syslog (514), and RIP (520).
TCP
Transmission Control Protocol (TCP) enables two hosts to make a connection and send streams of data to each other. TCP makes sure that the data that is sent gets to its destination. It also makes sure that packets are put in the same sequence as when they were sent.
TCP manages connections with properties that control the condition of a connection. Three very important properties of TCP packets are the SYN, ACK, and FIN bits. The SYN bit is set only on the first packet sent in each direction for a given connection. The ACK bit is set when the other side gets the data. The FIN bit is set when the source or destination closes the connection.
ICMP
The Internet Control Message Protocol (ICMP) is used most frequently to supply error information about other services. It operates by using the same method as UDP. That is, ICMP does not use connections and does not make sure that packets reach their destination. One dangerous ICMP packet is the ICMP redirect packet, which can change routing information on the devices that receive it.
Other protocols
Most traffic on the Internet uses TCP, UDP, or ICMP protocols. Some other protocols are as follows:
IGMP (Internet Group Multicast Protocol)
A protocol used by a host on multicast access networks to notify a locally attached router to which group the router belongs.
IPIP (IP-within-IP)
An encapsulation protocol that is used to assemble virtual networks on the Internet.
GGP (Gateway-Gateway Protocol)
A routing protocol that is used between different systems.
GRE
A protocol used for PPTP.
ESP
An encryption protocol used for IPSec.
Standard Ports and Random Ports
UDP and TCP use encapsulation of information contained in the application layer. The software application procedures are specified by source and destination port numbers. These port numbers, together with the source and destination IP addresses, supply a unique connection on the Internet.
For example, you can have two telnet sessions from one host to a different host. Because telnet uses a well-known service port number of 23, something must be different between these two connections. The other port in these conditions is a port that is usually larger than 1023. The operating system on the client side assigns this port number automatically.
Random ports can cause problems if they match a well-known service on a port higher than 1023. If some client computer assigns a random port of 2049, no connection can be made. This type of problem frequently occurs with the X Window and Archie services.
Most operating systems assign port numbers between 1024 and 2100 so this problem does not occur frequently.
2
MIME Content Types
Software applications use content type headers to identify the type of data they receive. Content type headers tell the software application how to correctly identify and display video clips, images, sound, or other data. Usually, people are most familiar with the MIME content types used in email.
Some of the available proxy policies in your Firebox configuration can use content type headers to determine whether to allow or deny traffic. This chapter contains a list of many common MIME content types for your reference.
New, registered MIME content types appear regularly. We recommend frequent checks of an online source for the most current list. One source of current MIME types is:
www.iana.org/assignments/media-types/
Note that software applications can use incorrect content types, or content types that are not registered.
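The following added example (not part of the original guide and not the Firebox implementation) shows how a proxy-style filter can match a content type header against allow and deny rules, and why the note above matters: the body is also checked against a few file signatures. The rule set, function names, and sample inputs are hypothetical.

```python
import fnmatch

# Hypothetical policy for illustration: the first matching rule wins.
# Patterns use type/subtype names from the table; "*" means any subtype.
RULES = [
    ("deny",  "application/x-shockwave-flash"),
    ("deny",  "application/x-javascript"),
    ("allow", "text/*"),
    ("allow", "image/*"),
    ("allow", "application/pdf"),
]
DEFAULT_ACTION = "deny"

# A few well-known file signatures, used to spot a mislabeled body.
MAGIC = [
    (b"%PDF-", "application/pdf"),
    (b"\x89PNG\r\n\x1a\n", "image/png"),
    (b"GIF8", "image/gif"),
    (b"PK\x03\x04", "application/zip"),
]

def parse_content_type(header_value):
    """Return lowercase 'type/subtype', dropping parameters such as charset."""
    media = header_value.split(";", 1)[0].strip().lower()
    mtype, sep, subtype = media.partition("/")
    if not sep or not mtype or not subtype:
        return None  # malformed header value
    return f"{mtype}/{subtype}"

def decide(header_value, body=b""):
    """Return (action, reason) for a declared content type and body prefix."""
    declared = parse_content_type(header_value)
    if declared is None:
        return ("deny", "malformed content type")
    for magic, actual in MAGIC:
        if body.startswith(magic) and actual != declared:
            return ("deny", f"declared {declared} but body looks like {actual}")
    for action, pattern in RULES:
        if fnmatch.fnmatchcase(declared, pattern):
            return (action, f"matched {pattern}")
    return (DEFAULT_ACTION, "no rule matched")
```

A rule that looks only at the header allows a ZIP archive sent as `image/gif`; the signature check denies it.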
Common MIME content types
Type Subtype Reference (where available)
application *
application activemessage Shapiro
application andrew-inset Borenstein
application applefile Falstrom
application astound
application atomicmail Borenstein
application cals-1840 RFC 1895
application commonground Glazner
application cybercash Eastlake
application dca-rft Campbell
application dec-dx Campbell
application eshop Katz
application hyperstudio Domino
application iges Parks
application mac-binhex40 Falstrom
application macwriteii Lindner
application marc RFC 2220
application mathematica Van Nostern
application ms-excel
application mspowerpoint
application msword Lindner
application news-message-id RFC 1036, Spencer
application news-transmission RFC 1036, Spencer
application octet-stream RFC 2045, RFC 2046
application oda RFC 2045, RFC 2046
application olescript
application pdf RFC 3778
application pgp-encrypted RFC 3156
application pgp-keys RFC 3156
application pgp-signature RFC 3156
application pkcs10 RFC 2311
application pkcs7-mime RFC 2311
application pkcs7-signature RFC 2311
application postscript RFC 2045, RFC 2046
application prs.alvestrand.titrax-sheet Alvestrand
application prs.cww Rungchavalnont
application prs.nprend Doggett
application realnetworksupgrade
application remote-printing RFC 1486, Rose
application riscos Smith
application rtf Lindner
application set-payment Korver
application set-payment-initiation Korver
application set-registration Korver
application set-registration-initiation Korver
application sgml RFC 1874
application sgml-open-catalog Grosso
application slate
application vis5d
application vnd.3M.Post-it-Notes O’Brien
application vnd.FloGraphIt Floersch
application vnd.acucobol Lubin
application vnd.anser-web-certificate-issue-initiation Mori
application vnd.answer-web-funds-transfer-initiation Mori
application vnd.audiograph Slusanschi
application vnd.businessobjects Imoucha
application vnd.claymore Simpson
application vnd.commerce-battelle Applebaum
application vnd.commonspace Chandhok
application vnd.cosmocaller Dellutri
application vnd.cybank Helmee
application vnd.dna Searcy
application vnd.dxr Duffy
application vnd.ecdis-update Buettgenbach
application vnd.ecowin.chart Olsson
application vnd.ecowin.filerequest Olsson
application vnd.ecowin.fileupdate Olsson
application vnd.ecowin.series Olsson
application vnd.ecowin.seriesrequest Olsson
application vnd.ecowin.seriesupdate Olsson
application vnd.enliven Santinelli
application vnd.epson.quickanime Gu
application vnd.epson.salt Nagatomo
application vnd.fdf Zilles
application vnd.ffsns Holstage
application vnd.framemaker Wexler
application vnd.fujitsu-oasys Togashi
application vnd.fujitsu-oasys2 Togashi
application vnd.fujitsu-oasys3 Okudaira
application vnd.fujitsu-oasysgp Sugimoto
application vnd.fujitsu-oasysprs Ogita
application vnd.fujixerox.docuworks Taguchi
application vnd.fut-misnet Pruulmann
application vnd.hp-HPGL Pentecost
application vnd.hp-PCL Pentecost
application vnd.hp-PCLXL Pentecost
application vnd.hp-hps Aubrey
application vnd.ibm.MiniPay Herzberg
application vnd.ibm.modcap Hohensee
application vnd.intercon.formnet Gurak
application vnd.intertrust.digibox Tomasello
application vnd.intertrust.nncp Tomasello
application vnd.intu-qbo Scratchley
application vnd.is-xpr Natarajan
application vnd.japannet-directory-service Fujii
application vnd.japannet-jpnstore-wakeup Yoshitake
application vnd.japannet-payment-wakeup Fujii
application vnd.japannet-registration Yoshitake
application vnd.japannet-registration-wakeup Fujii
application vnd.japannet-setstore-wakeup Yoshitake
application vnd.japannet-verification Yoshitake
application vnd.japannet-verification-wakeup Fujii
application vnd.loan Cole
application vnd.lotus-1-2-3 Wattenberger
application vnd.lotus-approach Wattenberger
application vnd.lotus-freelance Wattenberger
application vnd.lotus-organizer Wattenberger
application vnd.lotus-screencam Wattenberger
application vnd.lotus-wordpro Wattenberger
application vnd.meridian-slingshot Wedel
application vnd.mif Wexler
application vnd.minisoft-hp3000-save Bartram
application vnd.mitsubishi.misty-guard.trustweb Tanaka
application vnd.ms-artgalry Slawson
application vnd.ms-asf Fleischman
application vnd.ms-powerpoint Gill
application vnd.ms-project Gill
application vnd.ms-tnef Gill
application vnd.ms-works Gill
application vnd.ms.wms-hrd.asfv1 Gill
application vnd.music-niff Butler
application vnd.musician Adams
application vnd.netfpx Mutz
application vnd.noblenet-directory Solomon
application vnd.noblenet-sealer Solomon
application vnd.noblenet-web Solomon
application vnd.novadigm.EDM Swenson
application vnd.novadigm.EDX Swenson
application vnd.novadigm.EXT Swenson
application vnd.osa.netdeploy Klos
application vnd.powerbuilder6 Guy
application vnd.powerbuilder6-s Guy
application vnd.publishare-delta-tree Ben-Kiki
application vnd.rapid Szekely
application vnd.rn-realplayer
application vnd.seemail Webb
application vnd.shana.informed.formdata Selzler
application vnd.shana.informed.formtemplate Selzler
application vnd.shana.informed.interchange Selzler
application vnd.shana.informed.package Selzler
application vnd.street-stream Levitt
application vnd.svd Becker
application vnd.swiftview-ics Widener
application vnd.truedoc Chace
application vnd.uplanet.alert Martin
application vnd.uplanet.alert-wbxml Martin
application vnd.uplanet.bearer-choi-wbxml Martin
application vnd.uplanet.bearer-choice Martin
application vnd.uplanet.cacheop Martin
application vnd.uplanet.cacheop-wbxml Martin
application vnd.uplanet.channel Martin
application vnd.uplanet.channel-wbxml Martin
application vnd.uplanet.list Martin
application vnd.uplanet.list-wbxml Martin
application vnd.uplanet.listcmd Martin
application vnd.uplanet.listcmd-wbxml Martin
application vnd.uplanet.signal Martin
application vnd.visio Sandal
application vnd.webturbo Rehem
application vnd.wrq-hp3000-labelled Bartram
application vnd.wt.stf Wohler
application vnd.xara Matthewman
application vnd.yellowriver-custom-menu Yello
application vnd.wita
application vnd.workperfect5.1
application write
application x-alpha-form
application x-asap
application x-bcpio
application x-chat
application x-cpio
application x-sch
application x-cu-seemee
application x-demoshield
application x-director
application x-dvi
application x-framemaker
application x-gtar
application x-ica
application x-installshield
application x-javascript
application x-koan
application x-latex
application x-mif
application x-msaddr
application x-mms-framed
application x-mswallet
application x-net-install
application x-nokia-9000-add-on-software
application x-ns-proxy-autoconfig
application x-oleobject
application x-olescript
application x-p3d
application x-pcn
application x-pdf
application x-perl
application x-pn-realaudio
application x-pn-realmedia
application x-pointplus
application x-rad-powermedia
application x-sh
application x-shar
application x-shockwave-flash
application x-sprite
application x-stuffit
application x-tar
application x-tcl
application x-tex
application x-texinfo
application x-troff
application x-troff-man
application x-troff-me
application x-troff-ms
application x-ustar
application x-wais-source
application x-watchguard-cloaked
application x-webbasic
application x-wintalk
application x-wls
application x-wms-LogStats
application x400-bp
application xml RFC 3023
application zip Lindner
audio *
audio 32kadpcm RFC 2421, RFC 2422
audio basic RFC 2045, RFC 2046
audio echospeech
audio vnd.qcelp
audio voxware
audio x-aiff
audio x-mpeg
audio x-mpeg-2
audio x-wav
chemical *
chemical x-cdx
chemical x-cif
chemical x-chem3d
chemical x-cmdf
chemical x-cml
chemical x-daylight-smiles
chemical x-csml
chemical x-galactic-spc
chemical x-gaussian-input
chemical x-gaussian-cube
chemical x-isostar
chemical x-jcamp-dx
chemical x-kinemage
chemical x-mdl-molfile
chemical x-mdl-rxnfile
chemical x-macmolecule
chemical x-macromode1-input
chemical x-mopac-input
chemical x-pdb
chemical x-xyz
chemical x-vmd
drawing *
drawing x-dwf
graphics *
graphics x-inventor
image *
image cgm Francis
image fif
image g3fax
image gif RFC 2045, RFC 2046
image ief RFC 1314
image jpeg RFC 2045, RFC 2046
image naplps Ferber
image png Randers-Pehrson
image prs.btif Simon
image tiff
image vnd.dwg Moline
image vnd.dxf Moline
image vnd.fastbidsheet Becker
image vnd.fpx Spencer
image vnd.net-fpx Spencer
image vnd.svf Moline
image vnd.xiff S. Martin
image wavelet
image x-cals
image x-cmu-raster
image x-cmx
image x-dwg
image x-dxf
image x-mgx-dsf
image x-ms-bmp
image x-photo-cd
image x-pict
image x-png
image x-portable-anymap
image x-portable-bitmap
image x-portable-graymap
image x-portable-pixmap
image x-rgb
image x-svf
image x-xbitmap
image x-xwindowdump
image xpm
message *
message delivery-status RFC 1894
message disposition-notification RFC 2298
message external-body RFC 2045, RFC 2046
message http RFC 2616
message news RFC 1036, H. Spencer
message partial RFC 2045, RFC 2046
message rfc822 RFC 2045, RFC 2046
model *
model iges Parks
model mesh RFC 2077
model vnd.dwf Pratt
model vrml RFC 2077
multipart *
multipart alternative RFC 2045, RFC 2046
multipart appledouble Falstrom
multipart byteranges RFC 2068
multipart digest RFC 2045, RFC 2046
multipart encrypted RFC 1847
multipart form-data RFC 2388
multipart header-set Crocker
multipart mixed RFC 2045, RFC 2046
multipart parallel RFC 2045, RFC 2046
multipart related RFC 2387
multipart report RFC 1982
multipart signed RFC 1847
multipart voice-message RFC 2421, RFC 2423
text *
text css RFC 2318
text enriched RFC 1896
text html RFC 2854
text javascript
text plain RFC 2046, RFC 3676
text richtext RFC 2045, RFC 2046
text sgml RFC 1874
text tab-separated-values Lindner
text uri-list RFC 2483
text vbscript
text vnd.abc Allen
text vnd.fmiflexstor Hurtta
text vnd.in3d.3dml Powers
text vnd.in3d.spot Powers
text vnd.latex-z Lubos
text x-setext
text x-speech
text xml RFC 3023
video *
video mpeg RFC 2045, RFC 2046
video mpeg-2
video quicktime Lindner
video vdo
video vivo Wolfe
video vnd.motorola.video McGinty
video vnd.motorola.videop McGinty
video vnd.vivo
video x-ms-asf
video x-msvideo
video x-sgi-movie
workbook *
workbook formulaone
x-conference x-cooltalk
x-form x-openscape
x-model x-mesh
x-music x-midi
x-script x-wfxclient
x-world *
x-world x-3dmf
x-world x-svr
x-world x-vream
x-world x-vrml
x-world x-vrt
x-world x-wvr
3
Services and Ports
Well-known services are a mixture of port number and transport protocol for specified, standard software applications. This chapter contains tables that list service names, port number, protocol, and description.
Ports Used by WSM and Fireware
The WatchGuard Firebox, management station, and WatchGuard servers use specified ports during usual operations.
Port # Protocol Purpose
4100 TCP Authentication service
4107, 4115 TCP WatchGuard Log Server
4103, 4105, 4117, 4118 TCP WatchGuard Firebox configuration and management
4110, 4112, 4113 TCP WatchGuard Management Server
4109 TCP Secure access to SOHO and Edge Fireboxes with a web browser
5003 TCP and UDP WebBlocker
Ports Used by Microsoft Products
Many Firebox users want to create policies that specifically allow or block Microsoft applications. Here is a list of ports used by some Microsoft products.
Port # Protocol Purpose
137, 138 UDP Browsing
67, 68 UDP DHCP Lease
135 TCP DHCP Manager
138 UDP Directory Replication
139 TCP Directory Replication
135 TCP DNS Administration
53 UDP DNS Resolution
139 TCP Event Viewer
139 TCP File Sharing
137, 138 UDP Logon Sequence
139 TCP Logon Sequence
138 UDP NetLogon
137, 138 UDP Pass Through Validation
139 TCP Pass Through Validation
139 TCP Performance Monitor
1723 TCP PPTP
47 IP PPTP
137, 138 UDP Printing
139 TCP Printing
139 TCP Registry Editor
139 TCP Server Manager
137, 138 UDP Trusts
139 TCP Trusts
139 TCP User Manager
139 TCP WinNT Diagnostics
137, 138 UDP WinNT Secure Channel
139 TCP WinNT Secure Channel
42 TCP WINS Replication
135 TCP WINS Manager
137 TCP WINS Registration
Port(s) Protocol Purpose
135 TCP Client/Server Communications
135 TCP Exchange Administrator
143 TCP IMAP
993 TCP IMAP (SSL)
389 TCP LDAP