As you probably noticed IP header has variable length placeholder for the IP Options field. It has been there since the beginning , once a good idea for debug now turned into trouble. RFC 791 states that hosts/routers supporting IP protocol must implement Ip Options filed . It is up to the vendor to decide [...]
23
2010
15
2009
ARP table overflow in Checkpoint and Linux in general
Not specific to the Checkpoint but rather any Linux-based system issue, still people often
forget about that and look for the Checkpoint-specific solutions to that , so to help with this search I wrote the note
how to fix it below:
Problem usually shows itself in randomly distributed inability of stations to pass the firewall, slowness and other network problems [...]
18
2009
SSH login alert by mail Linux or Unix based systems
As you may have noticed many security-related software/appliances are based on Linux or Unix operating
systems in their variety. And as the logical consequence of that remote managing of such devices is done with OpenSSH
package . What is lacking in these applications built on Linux/Unix platforms is alerting in real–time on successful
SSH login to the system [...]
1
2009
Ping – setting don't fragment bit in Linux/FreeBSD/Solaris/Cisco/Juniper
Ping.
Many times while debugging network problems of various kinds you need to send some packets
of desirable size and don’t fragment bit being set. Below I list how to do it for the different
equipment/OSes.
Let’s start with the most popular operating system among network folks – Linux:
Linux
By default ping in any Linux-based system (It also means any [...]
25
2008
Clear ARP table in Checkpoint
Yesterday my colleague asked how to clear all entries in the ARP table of the
NGX in question (Splat). I thought the arp command of the Linux would include some switch for that case too – but it didn’t. To delete ARP entry from the ARP cache you use #arp -d <IP address to be deleted> [...]
21
2008
Autologin Expect scripts for telnet/ssh
Tired of typing over and over your username/password when using
telnet/ssh ? Here are Expect http://expect.nist.gov/ scripts to autologin by Telnet and ssh
Notes:
- Yes, it is not secure to keep you username/password saved somewhere, so know
what you do . In my opinion as long as this
is a dedicated for remote logins server, that has no access [...]
6
2008
find quicky
The few find templates I find useful in a day to day job.
The ones below were of great help when I had to clean Esafe that had more
than 100,000 files in the spool ! So usual shell wild-card expansion didn’t work
(try to do ls in a folder with 130000 files So I removed [...]