Remove Request Option Specifies if options should be removed from request. The
default is False which means "do not remove".
Allow Unknown Options If this option is not enabled then any option in a request
other than the blocksize, the timeout period and the file
transfer size is blocked. The setting is disabled by default.
TFTP Request Options
As long as the Remove Request Option described above is set to false (options are not
removed) then the following request option settings can be applied:
Maximum Blocksize The maximum blocksize allowed can be specified. The
allowed range is 0 to 65,464 bytes. The default value is
65,464 bytes.
Maximum File Size The maximum size of a file transfer can be restricted. By
default this is the absolute maximum allowed which
999,999 Kbytes.
Block Directory Traversal This option can disallow directory traversal through the use
of filenames containing consecutive periods ("..").
Allowing Request Timeouts
The NetDefendOS TFTP ALG blocks the repetition of an TFTP request coming from the same
source IP address and port within a fixed period of time. The reason for this is that some TFTP
clients might issue requests from the same source port without allowing an appropriate timeout
period.
6.2.6. The SMTP ALG
Overview
Simple Mail Transfer Protocol (SMTP) is a text based protocol used for transferring email between
mail servers over the Internet. Typically, a local mail server will be located on a DMZ so that mail
sent by remote mail servers will traverse the NetDefend Firewall to reach the local server.
Local clients behind the firewall will then use email client software to retrieve email from the
server and to send mail to the server for forwarding out to other mail servers on the public
Internet. Various protocols may be used for communication between clients and a mail server.
Microsoft ActiveSync™ is a common choice. Retrieval may also be done with the POP3 or IMAP
protocol but sending mail to the server may be done using SMTP. These interactions are
illustrated in the diagram below.
Chapter 6: Security Mechanisms
448
To Next Page
Loading...
