User guide

Packet Filter Services

Reference Guide 69

provides strong authentication and secure (encrypted) communications.

WatchGuard recommends the use of ssh in lieu of more vulnerable

protocols like telnet, rssh, and rlogin.

If you use ssh, you should also use its strong authentication mechanisms.

Strong encryption mechanisms are available for U.S. customers, Canadian

customers, and customers who have been approved for use of strong

encryption by WatchGuard and/or the U.S. Government. If you would

like to use strong encryption (128 bit, 3DES) or IPSec, please contact

WatchGuard Technical Support.

Unix versions are available from ftp.cs.hut.fi (see ftp://ftp.cs.hut.fi/pub/

ssh), and information on versions for Windows can be found at

DataFellows (http://www.datafellows.com).

Characteristics

•Protocol: TCP

• Server Port(s): 22

• Client Port(s): less than 1024

• RFC: No number yet, but see:

http://www.cs.hut.fi/ssh/

Common Scenario

Description

There are one or more ssh servers on the Trusted network.

Icons in the Services Arena

An ssh icon – Allowing Incoming To the desired Trusted servers,

and Allowing Outgoing From Any To Any.

syslog

syslog is a service used to log operating system events on Unix hosts. The

most common reason to enable syslog data on a firewall is to collect data

from a host outside the firewall.

Because the syslog port is blocked by default, to allow one log host to

collect logs from multiple Fireboxes:

• Remove port 514 from the Blocked Ports list