Firewall pinhole

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Template:Use American English

In computer networking, a firewall pinhole is a port that is not protected by a firewall to allow a particular application to gain access to a service on a host in the network protected by the firewall.[1][2]

Leaving ports open in firewall configurations exposes the protected system to potentially malicious abuse. A fully closed firewall prevents applications from accessing services on the other side of the firewall. For protection, the mechanism for opening a pinhole in the firewall should implement user validation and authorizationScript error: No such module "Unsubst"..

For firewalls performing a network address translation (NAT) function, the mapping between the external IP address, port socket and the internal IP address, port socket is often called a pinhole.

Pinholes can be created manually or programmatically. They can be temporary, created dynamically for a specific duration such as for a dynamic connection, or permanent, such as for signaling functions.

Firewalls sometimes automatically close pinholes after a period of time (typically a few minutes) to minimize the security exposure. Applications that require a pinhole to be kept open often need to generate artificial traffic through the pinhole in order to cause the firewall to restart its timer.

See also

References

<templatestyles src="Reflist/styles.css" />

  1. Script error: No such module "citation/CS1".
  2. Script error: No such module "Citation/CS1".

Script error: No such module "Check for unknown parameters".


Template:Asbox