Telnet; Tftp - Watchguard Firebox X1000 Reference Manual

telnet

The telnet service is used to log in to a remote computer, and is similar to
using dial-up access except that the connection is made over a network.
Characteristics
•
•
•
•
Common Scenario

TFTP

Trivial File Transfer Protocol (TFTP) is a simple file transfer protocol
similar to FTP that is usually used to download boot code to diskless
workstations. It supports timeout and retransmission techniques.
Use of this protocol is not recommended because it can allow
unauthorized remote access to system or user files without asking for a
password. WatchGuard recommends TFTP be used only for accessing
limited subdirectory trees that cannot result in root access. TFTP should
be restricted by using a TCP wrapper and filtering packets coming in on
port 111.
Reference Guide
Protocol: TCP
Server Port(s): 23
Client Port(s): greater than 1023
RFC: 854
Description
Telnet access is not allowed in to any machines on the trusted
network, but access is allowed out to external and/or optional
machines.
Icons in the Services Arena
The Proxied-HTTP, Filtered-HTTP, Proxy, or Outgoing icon in the
Services Arena automatically set to Allow Outgoing but Deny
Incoming connections (the default WatchGuard stance). For a
different stance (for example, to allow selected Incoming, or to
restrict Outgoing), add the telnet services and configure as
needed.
Packet Filter Services
59