Avoiding Problems With Blocked Ports; Adding A Port To The Blocked Ports List - Watchguard Firebox X20E User Manual

Blocking Ports
X Font Server (port 7100)
Many versions of X-Windows operate X Font Servers. The X Font Servers operate as the super-
user on some hosts.
NFS (port 2049)
NFS (Network File System) is a frequently used TCP/IP service where many users use the same
files on a network. But, the new versions have important authentication and security problems.
To supply NFS on the Internet can be very dangerous. The portmapper frequently uses the port
2049 for NFS. If you use NFS, make sure that NFS uses the port 2049 on all your systems.
rlogin, rsh, rrcp (ports 513, 514)
These services give remote access to other computers. They are a security risk and many
attackers probe for these services.
RPC portmapper (port 111)
The RPC Services use port 111 to find which ports a given RPC server uses. The RPC services are
easy to attack through the Internet.
port 8000
Many vendors use this port, and there are many security problems related to it.
port 1
The TCPmux service uses Port 1, but not frequently. You can block it to make it more difficult for
the tools that examine ports.
port 0
This port is always blocked by the Firebox. You cannot add this port to the Blocked Ports list. You
cannot allow traffic on port 0 through the Firebox.

Avoiding problems with blocked ports

Be very careful if you block port numbers higher than 1023. Clients frequently use these source port
numbers.

Adding a port to the blocked ports list

To connect to the System Status page, type https:// in the browser address bar, and the IP
1
address of the Firebox X Edge trusted interface.
The default URL is https://192.168.111.1
From the navigation bar, click Firewall > Intrusion Prevention. Click on the Blocked Ports tab.
2
130 Firebox X Edge e-Series