WatchGuard x1000 用户指南
Configuring an FTP Proxy Service
User Guide
149
6
Select the checkbox marked Masquerade MIME
boundary strings to specify that the firewall converts
MIME boundary strings in messages and attachments
to a string that does not reveal internal host names or
other identifying information.
boundary strings to specify that the firewall converts
MIME boundary strings in messages and attachments
to a string that does not reveal internal host names or
other identifying information.
Configuring an FTP Proxy Service
The FTP proxy service enables you to access another com-
puter (on a separate network) for the purposes of browsing
directories and copying files. Consequently, FTP is inher-
ently dangerous. If configured incorrectly, the FTP service
allows intruders to access your network and important
information such as passwords and configuration files.
FTP is also potentially dangerous outbound because it
enables users on your network to copy virtually anything
from outside the network to a location behind their fire-
wall.
puter (on a separate network) for the purposes of browsing
directories and copying files. Consequently, FTP is inher-
ently dangerous. If configured incorrectly, the FTP service
allows intruders to access your network and important
information such as passwords and configuration files.
FTP is also potentially dangerous outbound because it
enables users on your network to copy virtually anything
from outside the network to a location behind their fire-
wall.
Therefore, it is important to make the FTP service as
restrictive as possible. Ideally, try to isolate the inbound
FTP servers to a single host (or hosts) on your optional net-
work. Make sure you protect your trusted network from
FTP requests from the host or hosts on the optional net-
work as well. Like SMTP, the FTP proxy includes custom-
ized features that provide more complete control over the
traffic that passes through your firewall.
restrictive as possible. Ideally, try to isolate the inbound
FTP servers to a single host (or hosts) on your optional net-
work. Make sure you protect your trusted network from
FTP requests from the host or hosts on the optional net-
work as well. Like SMTP, the FTP proxy includes custom-
ized features that provide more complete control over the
traffic that passes through your firewall.
For detailed information about the FTP proxy, see the fol-
lowing FAQ:
lowing FAQ:
For troubleshooting information for the FTP proxy, see the
following FAQ:
following FAQ: