Category Archives: 810

hexadecimal file signature

DescriptionExtensionHex File Signature
7Z377ABCAF271C0003C4F2B09A65700500
ACCDB00 01 00 00 53 74 61 6E 64 61 72 64 20 41 43 45
ACE504B030414000200080043683649AD2F
Batch FileBAT406563686F206F66660D0A0D0A696620
CMD40 65 63 68 6F 20 6F 66 66 0D 0A 73 65 74 6C 6F
CSS2F 2A 43 53 53 20 74 65 73 74 20 66 69 6C 65 0A
CSV2C4669727374204E616D652C4C617374
DLL FileDLL4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00
DOCM50 4B 03 04 14 00 06 00 08 00 00 00 21 00 5B 65
Excel DocumentXLSD0 CF 11 E0 A1 B1 1A E1 00 00 00 00 00 00 00 00
Excel Document 97-2003XLSX50 4B 03 04 14 00 06 00 08 00 00 00 21 00 62 EE
ExecutableEXE4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00
ExecutableEXE4D 5A 50 00 02 00 00 00 04 00 0F 00 FF FF 00 00
JS2F2A0A4A5320746573742066696C650A
MDB00 01 00 00 53 74 61 6E 64 61 72 64 20 4A 65 74
PDF DocumentPDF25 50 44 46 2D 31 2E 37 0A 0A 34 20 30 20 6F 62
PHP3C 3F 70 68 70 20 0A 24 74 65 78 74 20 3D 20 20
PowerPoint Document 97-2003PPTD0 CF 11 E0 A1 B1 1A E1 00 00 00 00 00 00 00 00
PowerPoint DocumentPPTX50 4B 03 04 14 00 06 00 08 00 00 00 21 00 DF CC
RAR FileRAR52 61 72 21 1A 07 00 15 37 73 44 00 0D 00 00 00
VBSFF FE 27 00 2D 00 2D 00 2D 00 2D 00 2D 00 2D 00
Word Document 97-2003DOCD0 CF 11 E0 A1 B1 1A E1 00 00 00 00 00 00 00 00
Word DocumentDOCX50 4B 03 04 14 00 06 00 08 00 00 00 21 00 DF A4
ZIP FileZIP50 4B 03 04 0A 00 00 00 08 00 C9 08 88 4E 5B 26
ZIP FileZIP50 4B 03 04 14 00 02 00 08 00 BA 7C 47 4E 4E 5C
ZIP FileZIP50 4B 03 04 0A 00 00 00 00 00 E2 7C 01 4D 00 00
ZIP FileZIP50 4B 03 04 14 00 02 00 08 00 43 68 36 49 AD 2F
ZIPX50 4B 03 04 3F 00 00 00 0E 00 20 6B 10 49 F6 79

Watchguard Feature Requests and Enhancements

Below is a list of Requests for Engineering and Enhancements that have been submitted to Watchguard for the XTM UTM Appliance Range

If you would also like any of these features then I would suggest that you raise a Technical support case with Watchguard and mention the appropraite RFE within your support ticket. You should also ask the case to be set to Status: Bug/Enhancement Submitted and select “Receive BUG/RFE Updates?” so that you are alerted when the feature is implemented in a new XTM OS release. The more cases that are logged against an RFE the faster Watchguard are likely to get the new feature implemented.

  • RFE61499 – Support for FTP through Explicit TLS/SSL
  • RFE62784: Ability to choose dns server requests on dedicated external interface
  • RFE66209 Protection against Brute Force Attacks on OWA, FTP and SMTP
  • RFE67449 – Support for SMTP PIPELINING
  • RFE67450: support for DSN in SMTP proxy
  • RFE67451: support for ENHANCEDSTATUSCODES in SMTP proxy
  • RFE72251: Local WebBlocker Server with Websense Categorization Engine
  • RFE73433 Ability to block or drop traffic based off of geographic location

Please also feel free to post your comments about these feature requests and any others that you think would be beneficial.  I will update the post with new RFE’s so that we can collectively push Watchguard product development for them to be implemented.

 

Watchguard XTM 1050, XTM 2050, XTM 2 Series, XTM 3 Series, XTM 5 Series, XTM 8 Series – Fireware XTM OS 11.7.2 Update 1 Build # 417473

Watchguard XTM 1050, XTM 2050, XTM 2 Series, XTM 3 Series, XTM 5 Series, XTM 8 Series – Fireware XTM OS 11.7.2 Update 1 Build # 417473

Issues resolved in Fireware XTM v11.7.2 Update 1 Build # 417473

•This release includes an update to the Mailshell engine that provides a significant improvement over the original Fireware XTM v11.7.2 release in spam detection for our spamBlocker customers.
•Dynamic DNS updates no longer fail. [70047]
•This release resolves an issue that caused Branch Office VPN to stop functioning after an upgrade from Fireware XTM v11.4.x to v11.6.x or v11.7.x. [71323]
•The iked process no longer crashes when you use the CLI autodiag command for Mobile VPN with IPSec traffic. [70963]
•This release resolves an issue that caused traffic through a branch office VPN tunnel to stop for XTM 3 Series and XTM 25/26 devices. [70202, 71732, 70342]
•Branch office VPN tunnels no longer fail to pass traffic when the tunnel name exceeds 28 characters. [71448]
•SNMP now displays the accurate number of branch office VPN tunnels. [67075]
•The XTM device DHCP server now correctly sends a NACK reply for devices that have an existing DHCP lease. [68975, 64455]
•The loggerd process no longer uses excessive CPU. [66060, 71926]
•This release resolves an issue that caused the CPU on the XTM device to lock up when using IPS or Application Control. [71706]
•An issue that caused the firewalld process to crash has been resolved. [71589]
•The HTTP proxy MSS handling has been improved to enable the MTU to be adjusted independently for inbound and outbound proxy connections. This improvement prevents applications such as Facebook from stalling. [71871]
•This release resolves several issues that caused kernel crashes. [72156, 70316]

You can download 11.7.2 Update 1 Build # 417473 from Watchguard Support Portal by logging in to your account.

Watchguard XTM 1050, XTM 2050, XTM 2 Series, XTM 3 Series, XTM 5 Series, XTM 8 Series – Fireware XTM OS 11.7.2 Build # 365430

Watchguard XTM 1050, XTM 2050, XTM 2 Series, XTM 3 Series, XTM 5 Series, XTM 8 Series – Fireware XTM OS 11.7.2 Build # 365430

Issues resolved in Fireware XTM v11.7.2 Build # 365430

General
•WatchGuard Server Center no longer fails to open if you specify a long path to the log file. [71406]
•You can now upgrade the XTM OS version on your XTM device from Fireware XTM Web UI from a Windows 8 browser. [70997]
•In response to a security advisory issued by OpenSSL, we have upgraded Fireware XTM OS to use OpenSSL 0.9.8y. [71416]
•In response to a security advisory issued by Adobe, we have upgraded the Flex XSS used in the Fireware XTM Web UI. [70444]
•Our thanks to Wayne Murphy and Ben Burns of Sec-1 for reporting some XSS and SQLi web application vulnerabilities in our quarantine portal, which have been resolved in this release. [71188]

Proxies and Subscription Services
•WebBlocker evaluations (with a WebBlocker trial license) now operate correctly. [71507]
•WebBlocker exception rules to deny web site access now work correctly. [71760, 71783]
•An issue that caused web browsing to slow or fail when you use WebBlocker with Websense server has been resolved. [71057, 71557]
•This release resolves a system memory leak that occurred when you used the HTTPS proxy and WebBlocker. [71082]
•You can now set a main Application Category to Drop while you have a subcategory set to Allow. [71018]
•Proxy stability when using IPS or Application Control has been improved. [71024, 71046, 71270, 71495, 71371, 71240, 71733, 70977, 71713]
•TLS encryption is no longer enabled by default in the SMTP proxy configuration, but can be enabled if you want to use it. [71137]

Logging and Reporting
•This release resolves an issue that caused the logging processes on the XTM device to use a high percentage of CPU. [59979, 66060]
•Log data now correctly shows in Log Manager when you sort messages by the “Date-Time” column. [70145]
•Correct log data now shows correctly in Firebox System Manager Traffic Monitor and in the Web UI Syslog option. [71044]
•A problem with log messages generated for Reputation Enabled Defense has been corrected so that the number of sites blocked by RED is now correctly counted. [70920]
•The User Authentication Denied report now generates with correct and complete information. [71359]
•A problem that prevented reports for older data sets from generating with a resulting memory error has been resolved in this release. [70957]
•The Web Audit by Client PDF report generation process has been improved so that the data now matches the data in an HTML formatted report. [63472]

Networking
•The SNMP process on XTM 25/26 and XTM 33 devices is now restarted automatically in the event that it gets stuck in a dormant state. [70975]
•Multi-WAN failover now works correctly with Static NAT configured on the external interface for failover. [71148]
•This release resolves a problem that prevented Policy Based Routing from correctly routing traffic through a second external interface. [71175]

FireCluster
•This release resolves an issue that caused a low memory condition when an active/passive FireCluster was configured. [70204]
•The Virtual MAC address is no longer sent from the backup master when you use an active/passive FireCluster with DHCP relay enabled. [71028]

Authentication
•You can now correctly add and edit Firebox-DB users from the Web UI. [71079]

Branch Office VPN
•An automatically created VPN policy to allow traffic through a managed VPN tunnel now works correctly when its name exceeds 46 characters in length. [70994]
•When you install the Management Server on a non-English Windows OS, you can now correctly add VPN resources. [71180]

Mobile VPN
•The feature key entry previously called “Mobile VPN Users” has been re-labeled “IPSec VPN Users” for clarity. [69581]

You can download 11.7.2 Build # 365430 from Watchguard Support Portal by logging in to your account.