User guide

Chapter 11: Protecting Your Network From Attacks

156 WatchGuard Firebox System

To remove a blocked port, select the port to remove. Click Remove.

Auto-blocking sites that try to use blocked ports

You can configure the Firebox such that when an outside host attempts to

access a blocked port, that host is temporarily auto-blocked:

In the Blocked Ports dialog box, enable the checkbox marked Auto-block

sites that attempt to use blocked ports.

Setting logging and notification for blocked ports

You can also adjust your event logs and notification to accommodate

attempts to access blocked ports. You can configure the Firebox to log all

attempts to use blocked ports, or notify a network administrator when

someone attempts to access a blocked port.

From the Blocked Ports dialog box:

1 Click Logging.

The Logging and Notification dialog box appears.

2 In the Category list, click Blocked Ports.

3 Modify the logging and notification parameters according to your

security policy preferences.

For detailed instructions, see “Customizing Logging and Notification by Service or

Option” on page 185.