User guide
Blocking Ports
port 0
Port 0 is reserved by IANA, but many programs that scan ports
start their search on port 0.
port 1
Port 1 is for the rarely used TCPmux service. Blocking it is another
way to confuse port scanning programs.
Novell IPX over IP (port 213).
If you use Novell IPX over IP internally, you might want to
explicitly block port 213.
NetBIOS services (ports 137 through 139)
You should block these ports if you use NetBIOS internally.
Although such services are blocked implicitly by default packet
handling, blocking them here provides additional security.
Avoiding problems with legitimate users
It is possible for legitimate users to have problems because of blocked
ports. In particular, some clients might temporarily fail because of
blocked ports.
You should be very careful about blocking port numbers from 1000
through 1999, as these numbers are particularly likely to be used as client
ports.
NOTE
Solaris uses ports greater than 32768 for clients.
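A proposed Blocked Ports list can be checked against these client port ranges before it is entered. The following Python is an added example, not part of this guide or the product; the function names, the comma-and-range input format and the sample list are assumptions.

```python
"""Review a proposed Blocked Ports list against likely client port ranges."""

# Ranges this guide identifies as likely client ports.
CLIENT_RANGES = [
    (1000, 1999, "commonly used as client ports"),
    (32769, 65535, "Solaris client ports (greater than 32768)"),
]


def parse_ports(spec):
    """Expand a spec such as '0, 1, 137-139, 213' into a sorted list of ports."""
    ports = set()
    for item in spec.split(","):
        item = item.strip()
        if not item:
            continue
        lo, _, hi = item.partition("-")
        lo = int(lo)
        hi = int(hi) if hi else lo
        if not (0 <= lo <= hi <= 65535):
            raise ValueError(f"invalid port or range: {item!r}")
        ports.update(range(lo, hi + 1))
    return sorted(ports)


def review(spec):
    """Return (safe, risky); risky holds (port, reason) pairs to re-check."""
    safe, risky = [], []
    for port in parse_ports(spec):
        reason = next(
            (why for lo, hi, why in CLIENT_RANGES if lo <= port <= hi), None
        )
        if reason:
            risky.append((port, reason))
        else:
            safe.append(port)
    return safe, risky


if __name__ == "__main__":
    # Constructed sample: the ports discussed above plus two questionable entries.
    safe, risky = review("0, 1, 137-139, 213, 1434, 32771")
    print("no client-port conflict:", safe)
    for port, why in risky:
        print(f"review before blocking {port}: {why}")
```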
Blocking a port permanently
From Policy Manager:
1. On the toolbar, click the Blocked Ports icon, shown at right.
   You can also select Setup => Blocked Ports. The Blocked Ports
   dialog box appears, as shown in the following figure.
2. In the text box to the left of the Add button, type the
   port number. Click Add.
   The new port number appears in the Blocked Ports list.