美文网首页
什么是pinhole

什么是pinhole

作者: 乃铭 | 来源:发表于2017-05-18 16:23 被阅读33次

    In computer networking, a firewall pinhole is a port that is not protected by a firewall to allow a particular application to gain access to a service on a host in the network protected by the firewall.

    Leaving ports open in firewall configurations exposes the protected system to potentially malicious abuse. A fully closed firewall prevents applications from accessing services on the other side of the firewall. For protection, the mechanism for opening a pinhole in the firewall should implement user validation and authorization.

    For firewalls performing a network address translation (NAT) function, the mapping between the external {IP address, port} socket and the internal {IP address, port} socket is often called a pinhole.

    Pinholes can be created manually or programmatically. They can be temporary, created dynamically for a specific duration such as for a dynamic connection, or permanent, such as for signaling functions.

    Firewalls sometimes automatically close pinholes after a period of time (typically a few minutes) to minimize the security exposure. Applications that require a pinhole to be kept open often need to generate artificial traffic through the pinhole in order to cause the firewall to restart its timer.

    源自维基百科 https://en.wikipedia.org/wiki/Firewall_pinhole

    相关文章

      网友评论

          本文标题:什么是pinhole

          本文链接:https://www.haomeiwen.com/subject/tmisxxtx.html