393
DMZ
DMZ (demilitarized zone) is a reserved network area where services available both from
the Internet and from the LAN are run (e.g. a company’s public web server). DMZ provides
an area, where servers accessible for public are be located separately, so they cannot be
misused for cracking into the LAN.
More information can be found for example at
DNS
DNS (
Domain Name System
) A worldwide distributed database of Internet hostnames and
their associated IP address. Computers use Domain Name Servers to resolve host names
to IP addresses. Names are sorted in hierarchized domains.
Firewall
Software or hardware device that protects a computer or computer network against at-
tacks from external sources (typically from the Internet).
In this guide, the word
firewall
represents the
WinRoute
host.
FTP
File Transfer Protocol
. The FTP protocol uses two types of TCP connection: control and
data. The control connection is always established by a client. Two FTP modes are distin-
guished according to a method how connection is established:
•
active mode
— data connection is established from the server to a client (to the
port specified by the client). This mode is suitable for cases where the firewall
is at the server’s side, however, it is not supported by some clients (e.g. by web
browsers).
•
passive mode
— data connection is established also by the client (to the port
required by the server). This mode is suitable for cases where the firewall is at
the client’s side. It should be supported by any FTP client.
Note: WinRoute
includes special support (protocol inspector) for FTP protocol. Therefore,
both FTP modes can be used on LAN hosts.
Gateway
Network device or a computer connecting two different subnets. If traffic to all the other
(not specified) networks is routed through a gateway, it is called the default gateway.
Greylisting
A method of protection of
SMTP
servers from spam. If an email message sent by an
unknown sender is delivered to the server, the server rejects it for the first time (so called
temporary delivery error). Legitimate senders attempt resend the message after some
time. SMTP server lets the message in and considers the sender as trustworthy since
then, not blocking their messages any longer. Most spam senders try to send as great
volume in as short time as possible and stay anonymous. Therefore, they usually do not
repeat sending the message and focus on another SMTP server.
More information (in English) can be found for example at
Summary of Contents for Firewall6
Page 1: ...Kerio WinRoute Firewall 6 Administrator s Guide Kerio Technologies...
Page 129: ...8 5 HTTP cache 129...
Page 404: ...404...