Archive for Yuri Slobodyanyuk's blog on IT Security and Networking

Wed 23 October 2024 Fortigate fnsysctl command options with examples
Sun 05 May 2024 Fortigate - set filters on logs exported to Fortianalyzer or Syslog
Mon 05 February 2024 Fortigate - switch from NAT to transparent mode error fix
Sun 21 January 2024 Fortinet-related blogs to read
Tue 09 January 2024 Send logs from non-Fortinet devices to Fortianalyzer via Syslog
Mon 27 November 2023 Collection of Fortigate Automation Stitches
Mon 06 November 2023 My networks talk to a prisoner, help.
Tue 12 September 2023 sFlow in Fortigate disables Hardware Acceleration
Tue 01 August 2023 Fortinet products Fortigate Fortiweb Fortimail and others online demo access details
Tue 01 August 2023 Transfer FortiTokens Mobile (FTM) between Fortigates - visual guide.
Sun 18 June 2023 Tips on Upgrading Fortigate in HA Cluster
Sat 03 June 2023 Fortinet Support - Tips on opening tickets with their TAC to make them more effective
Sun 14 May 2023 Fortigate cannot delete VDOM or other object in use problem solution
Wed 12 April 2023 Fortigate as DNS authoritative server with DNS database
Tue 28 March 2023 macOS mdfind examples cheat sheet
Mon 27 March 2023 tcpdump now shows interface names in its output, finally
Tue 21 March 2023 Fortigate VPN SSL Hardening Guide
Tue 03 January 2023 Fortigate end of support and end of life explained
Thu 22 December 2022 Fortigate subscription expired, list of features that will continue to work
Mon 19 December 2022 Fortigate buying used pre-owned firewall most frequently asked questions
Mon 10 October 2022 Fortigate administrator GUI authentication bypass critical vulnerability CVE-2022-40684 found
Tue 30 August 2022 Network MTU maximum size path discovery (PMTU) testing with ping
Mon 08 August 2022 Fortigate free VM Evaluation License is now permanent, not limited to 15 days, here is how to get it.
Wed 13 July 2022 GNU tar archive tool reference by example
Mon 04 July 2022 Fortigate Local-in policy configuration examples for VPN IPSec, VPN SSL, BGP and more
Thu 16 June 2022 Aruba and HP switches debug and diagnostics commands cheat sheet
Sun 29 May 2022 How to downgrade Fortigate Fortios version without losing the configuration
Thu 21 April 2022 FortiOS 7.2 New - diagnose debug flow in the GUI
Thu 21 April 2022 FortiOS 7.2 New - improved packet sniffer in the GUI
Thu 21 April 2022 FortiOS 7.2 New: diagnose sys top process monitor in the GUI
Wed 13 April 2022 Where do I download Fortigate free trial VM?
Mon 04 April 2022 Fortigate new Workspace Mode to commit changes in a batch - with an example of changing default gateway
Mon 21 February 2022 Fortigate CLI Tips to avoid costly mistakes, save time, and make you more effective
Sun 07 November 2021 How to request Google, Cloudflare, and OpenDNS/Umbrella DNS servers cache clearing for your domain records
Wed 22 September 2021 Cisco router - disconnect VTY user forcefully without reloading the router
Sat 12 June 2021 Check Point Certified Troubleshooting Administrator (CCTA) 156-580 Exam Preparation Tips and Impressions
Wed 09 June 2021 You CAN and probably should rename/delete the default admin user on Fortigate, here is how
Mon 24 May 2021 Fortigate - doing SNAT and DNAT on the same traffic in traditional and Central NAT modes how-to
Sun 09 May 2021 Checkpoint API tutorial, part 1 - getting started
Mon 03 May 2021 Fortianalyzer diagnose and debug cheat sheet
Tue 27 April 2021 Fortianalyzer Custom Reports from Custom Datasets Visual Guide How-to
Thu 01 April 2021 Fortigate FortiOS 7.0 is out - what's new Visual Guide
Sun 14 March 2021 Fortigate Firewalls Hardware - CPU model and number, Memory (RAM) and hard disk size datasheet table
Sun 28 February 2021 Fortigate VM Evaluation License 15 Days Limitations Explained
Sun 21 February 2021 Failed to connect to Fortiguard servers verification and debug
Sat 12 December 2020 50,000 VPN usernames and their passwords from Fortigates around the world were leaked last week – what you can do to prevent it from happening to you
Sun 20 September 2020 Nfdump netflow/sflow cookbook of examples
Sat 08 August 2020 Using external threat feeds in FortiGate has become much easier with 6.0 and 6.2 versions
Wed 29 July 2020 Fortigate guest user accounts - create, edit, delete and deploy
Sun 26 July 2020 Fortigate how to verify that IPS is actually working
Sun 19 July 2020 Fortigate to Fortimanager management tunnel connection debug how-to
Tue 16 June 2020 Fortiweb Cookbook: Most Basic Setup - One website, add HTTPS support, Round Robin load balancing between two physical servers, all protections on Alert only, Host header filtration
Sun 14 June 2020 Fortiweb Cookbook: Basic setup - adding web site access authentication with local and remote (LDAP) users
Sun 07 June 2020 Fortigate Local in Policy what it does and how to change/configure it
Sat 06 June 2020 Fortiweb Cookbook: Most Basic Setup - One website, HTTP only, Round Robin load balancing between two physical servers, all protections on Alert only, Host header filtration
Thu 04 June 2020 Fortigate virtual IP server load balancing configuration and debug
Fri 29 May 2020 Fortigate DoS/DDoS sensor/policy rules configuration and verification
Wed 20 May 2020 Fortigate BGP cookbook of example configuration and debug commands
Sun 19 April 2020 AWS cli cookbook
Sat 21 March 2020 RAD ETX 203, 205, 220 debug and information commands
Fri 13 March 2020 Curl examples cookbook
Thu 05 March 2020 Fortiweb Cookbook: content routing based on URL configuration example
Sun 01 March 2020 Fortigate - enable e-mail as a two-factor authentication for a user and increase token timeout
Mon 10 February 2020 Fortigate CLI command alias to create shortcuts and save time
Sun 09 February 2020 What GEO location database Fortinet products are using?
Fri 24 January 2020 Fortigate has iperf client for traffic testing built in, here are all the details
Mon 13 January 2020 MRV Optiswitch OS904 OS906 OS912 debug and diagnostic commands
Fri 05 January 2018 Fortigate ssh access with public key authentication
Tue 05 September 2017 HIEW tutorial hexadecimal editor part 6 using HEM modules
Thu 17 August 2017 Checkpoint How to use R80.10 API for Automation and Streamlined Security webcast main points
Sat 29 July 2017 HIEW tutorial hexadecimal editor part 5 using Crypto module to program a keygen
Mon 03 July 2017 HIEW tutorial hexadecimal editor part 3 Navigation
Mon 03 July 2017 HIEW tutorial hexadecimal editor part 4 encrypting decrypting with XOR
Sun 25 June 2017 Binary obfuscation - String obfuscating in C
Mon 05 June 2017 How to manually install Security Policy via cli on Checkpoint Gaia.
Mon 05 June 2017 The one command to clear ALL the connections on a Checkpoint firewall - use with care
Mon 05 June 2017 What ports 18190 18209 18210 18211 in Checkpoint are used for
Wed 24 May 2017 HIEW Hex editor tutorials series , part 2 – the basics.
Tue 23 May 2017 HIEW Hex editor tutorials series , part 1 – the history.
Mon 22 May 2017 XCK and CRK file formats for binary patching in Windows.
Sun 21 May 2017 NMAP UDP DNS scan unexpected packets sending
Tue 18 April 2017 Last measure for the desperate case of a lost access to the Check Point firewall
Sat 11 March 2017 How many times can we change IP address of the Check Point license?
Wed 25 January 2017 NMAP run stages flow diagram
Fri 13 January 2017 Hex editor of binary files on Linux
Sat 07 January 2017 Ever wondered how much does ip addresses allocation cost to your service provier ?
Tue 03 January 2017 Public DNS servers open to any on the Internet
Mon 19 December 2016 Linux ip route command reference by example
Sat 10 December 2016 Free public NTP servers from Google
Thu 01 December 2016 Disconnect VPN or Mobile Access or SNX user from Check Point firewall
Sat 12 November 2016 On what Linux version do Check Point firewalls run ?
Tue 01 November 2016 Configure SSL protocol version used in SSL VPN by Check Point
Sat 13 August 2016 Add free disk space to Check Point appliance hard disk
Tue 21 June 2016 Check Point Gaia route missing after adding via ip route add problem
Mon 13 June 2016 RHEL get firewall zones and their interfaces in one go
Sat 21 May 2016 fw ctl zdebug drop - Check Point firewall ultimate debug command
Thu 21 April 2016 Do not miss Netflow capability of Check Point Gaia R77 and above
Sat 20 February 2016 Change colors of ls output in the bash shell
Fri 22 January 2016 How to know Checkpoint UTM Appliance model from the cli
Thu 14 January 2016 Undocumented command to install policy on Locally managed Checkpoint UTM 1100 series appliance
Sat 15 August 2015 Useful CLI commands for Cisco CUCM, Cisco Unity Connection and IM and Presence
Fri 24 July 2015 Cisco reflexive access-lists are still on CCNP Security exam
Mon 13 July 2015 How to know if a license or a subscription is about to expire for Check Point product
Sun 14 June 2015 Overlooked but nice utility from Checkpoint - cpview
Wed 10 June 2015 Checkpoint Mobile Access support for SHA-256 SSL certificates
Mon 07 July 2014 SNMP in Gaia default community string
Wed 14 May 2014 RIPE database query for a route object, or why my network is not advertised
Mon 12 May 2014 Cisco CUCM CDR report - call duration and called numbers extraction script
Mon 10 February 2014 Convert Checkpoint SPLAT routes into Gaia route configuration commands
Sun 28 July 2013 PTR bulk DNS resolver in Perl to see what is in the name
Tue 25 June 2013 Bash script to generate random passwords
Sat 04 May 2013 Disabling SSL Deep inspection proxy in Fortigate should be easier
Mon 08 October 2012 md5 sha256 sha-1 tiger and whirlpool sum checker for Windows
Fri 03 August 2012 Checkpoint SNX 75 does work on Mac OS X 10.8 Mountain Lion
Tue 31 July 2012 Agressive scans from 69.175.126.170 - HD Moore is trying to save the Internet
Mon 23 July 2012 SCP file transfers and Checkpoint R75 problems
Mon 16 April 2012 How to enroll Cisco VPN client with IOS CA
Thu 16 February 2012 Check duplex and speed settings of all interfaces in one go
Mon 13 February 2012 Funny way to expire Antispam license in Checkpoint
Thu 09 February 2012 Finally GEO location blocking has arrived to Fortigate
Mon 06 February 2012 Convert Fortigate diagnose sniffer packet output into tcpdump format understood by Wireshark
Tue 31 January 2012 awk weekly - Security rule hits statistics . Checkpoint
Mon 14 November 2011 Time-based access limiting on Checkpoint or any Linux for any network service
Sat 12 November 2011 Set NTP time source on Checkpoint to have correct log timestamps
Thu 27 October 2011 All you need to know about networking in Checkpoint firewall SecurePlatform FAQ
Wed 26 October 2011 Enable 2 factor authentication to protect your Gmail account if you have not
Sun 09 October 2011 Watch your DNS records day and night with Nagios plugins
Mon 03 October 2011 Limit maximum size of scanned files in Fortigate firmware 4
Fri 23 September 2011 'Archive IOS running configuration automatically for possible rollback '
Sat 13 August 2011 Configure DVTI hairpinning on Cisco router for safe browsing
Tue 02 August 2011 Enable RADIUS Authentication for SSH and WEBGui access to the Checkpoint firewall
Fri 15 July 2011 Encrypting preshared keys stored on the cisco IOS router
Wed 22 June 2011 Cisco router – how to schedule an unattended reload with EEM
Thu 28 April 2011 Enable SNMP v3 in Checkpoint video walkthrough
Tue 05 April 2011 Two tips to secure SSH access from specific IPs to specific users in Checkpoint or any Linux
Mon 28 March 2011 'How to separate inbound and outbound data graphs in Nfsen Netflow tool '
Thu 24 March 2011 You can be Nmap hacker too - contribute new signatures in few easy steps and feel proud of yourself
Wed 23 March 2011 Checkpoint firewall VPN debug cheat sheet
Fri 18 March 2011 RSA servers have been hacked
Sun 13 March 2011 Cisco Netflow performance data
Fri 18 February 2011 My Amazon book list for CCIE Security Lab exam
Thu 17 February 2011 Cisco ASA 5500 Series Content Security and Control Security Services Module or just CSC-SSM and how it looks
Tue 04 January 2011 How to enable SCP protocol on Checkpoint firewall for transferring files - video
Fri 31 December 2010 New Year present from Checkpoint - R75 download
Sat 25 December 2010 Check Point Certified Master Architect Certification is more accessible than ever
Sun 12 December 2010 Best open source Netflow/sFlow analyzing software
Sat 04 December 2010 Class A 2.0.0.0 is inaccessible from behind Edge devices bug
Mon 15 November 2010 IP address pools of Facebook to block, if you need to
Sun 14 November 2010 Grab bag of IPF firewall commands for FreeBSD and Solaris 10
Sun 31 October 2010 The D-day for CheckPoint UTM-1 Edge Appliances happened today - reboots are reported all over the world
Fri 29 October 2010 The easiest way to disclose Cisco routers on the network and how to fix it
Mon 25 October 2010 Too much of the Zeus on TV
Sat 23 October 2010 Convert mb4 to mp3 files in one run with ffmpeg
Thu 14 October 2010 Do not miss the long awaited addition to the Fortigate 4 MR2 – sFlow data export
Tue 12 October 2010 Darknet can't lie - most of the attacks, scans and other interesting things
Thu 07 October 2010 Funny things people do - how to turn Checkpoint UTM 450 into Windows Media player
Thu 07 October 2010 You need no MX record to get mails
Tue 05 October 2010 Skynet got blacklisted - Google mail servers entered RBL of Sorbs.net
Mon 04 October 2010 How come assigning VPN user to specific group takes just one command but no one does it ?
Thu 30 September 2010 Turn the Checkpoint firewall into network-neutral router and do it in 2 minutes.
Tue 07 September 2010 Number of connected SecureClient or Secureremote users
Tue 07 September 2010 Checkpoint - turn netconf.C routes into linux route command
Sat 28 August 2010 snmp-map in ASA is for passing through traffic only
Wed 25 August 2010 ASA 8.2 now speaks SNMP v3 decently
Tue 24 August 2010 sla monitor in Cisco ASA land
Tue 24 August 2010 Teach Cisco ASA to speak NTP
Mon 23 August 2010 Redundant interfaces in Cisco ASA
Mon 23 August 2010 Find SmartCenter address on the firewall module
Mon 23 August 2010 Playing with RIP on ASA
Sun 22 August 2010 Subnet calculator in Checkpoint firewall
Thu 19 August 2010 Restart Checkpoint Smart Center/Management Server only, without traffic interruption
Sat 14 August 2010 List of valid domain names for load testing DNS
Sat 14 August 2010 Restart SNMP daemon on Checkpoint
Wed 11 August 2010 Query non-standard port of SNMP with snmpwalk
Thu 15 July 2010 Break free from the GUI dependency – checking Fortigate logs on the cli.
Fri 02 July 2010 MAC finder script
Sat 26 June 2010 Visio stencils for Cisco, Juniper, Fortinet, Checkpoint, Avaya Updated for 2020
Sat 26 June 2010 Where do I download the Checkpoint Splat/Gaia image
Fri 25 June 2010 8 Things to do before opening ticket with Checkpoint
Wed 16 June 2010 Solaris interfaces – create assign delete
Wed 09 June 2010 How to choose the password that noone can guess and you cant remember
Fri 04 June 2010 Top 10 usernames used in SSH brute force
Thu 03 June 2010 SSH brute force is on the rise, awk script to count failed SSH attempts
Wed 02 June 2010 Change IP address on the interface without losing the connection
Sat 29 May 2010 Schedule fw monitor to run unattended via cron
Wed 26 May 2010 SMTP inspection with policy-map in ASA
Sat 22 May 2010 Alert on change of SOA in domain
Wed 19 May 2010 FTP inside VPN Checkpoint troubles
Sun 16 May 2010 Configure VLAN Solaris way
Sat 15 May 2010 md5 and sha1 hashing in Solaris
Sat 15 May 2010 Encrypting local files in Solaris
Sat 01 May 2010 Authenticating ssh access on the Checkpoint using external Radius server
Fri 23 April 2010 How to know UTM appliance version on the CLI
Fri 09 April 2010 fw ctl or checkpoint tables by any other name
Wed 31 March 2010 Solaris – configure ftp server
Fri 26 March 2010 Fortigate BGP - configure and debug
Mon 22 March 2010 Scan of the week – scan by country scan by continent
Sat 20 March 2010 Install native telnet client on Checkpoint firewall
Sat 13 March 2010 Traffic shaping in Checkpoint the Linux way
Sat 13 March 2010 awk weekly rule hits statistics checkpoint again
Mon 08 March 2010 awk weekly – Checkpoint Anti Spam statistics or viva les Open Relays
Sun 28 February 2010 Cisco IPS sensor – initial setup
Fri 26 February 2010 awk weekly - how to see Checkpoint logs on command line
Fri 26 February 2010 Difference between ebgp-multihop and ttl-security.
Thu 25 February 2010 VPN client stops working in visitor mode after major update
Sat 13 February 2010 fw monitor add-on - using tables in Checkpoint fw monitor capture tool
Wed 03 February 2010 Fortigate firewall demo free access. Also FortiManager and FortiAnalyzer
Mon 01 February 2010 Mail alert on ssh login or any other rule hit in Checkpoint
Mon 01 February 2010 Capture packets at IOS Cisco router or finally we have a sniffer
Tue 26 January 2010 Enabling antispam or antivirus on the Checkpoint gateway blocks smtp or http traffic
Sat 23 January 2010 IP Options are evil - drop them , drop them on Cisco Asa/IOS Microsoft ISA
Thu 21 January 2010 'Cisco log: Missing cef table for tableid 65535 during CEF samecable event'
Tue 19 January 2010 Scheduled Daily Reboot of FortiGate
Mon 18 January 2010 Cisco ASA privilege separation for a local user or read only user on ASA
Thu 31 December 2009 Print rulebase in Checkpoint firewall
Wed 30 December 2009 Checkpoint – back up centrally for recovery.
Sat 19 December 2009 Checkpoint winscp troubles
Tue 15 December 2009 ARP table overflow in Checkpoint and Linux in general
Mon 14 December 2009 Increase log size in eSafe
Mon 14 December 2009 Increase the limit and rotate SSH log files in Checkpoint firewall
Sat 12 December 2009 fw monitor command reference CheckPoint firewall
Tue 20 October 2009 copy http flash – download from HTTP server to the Cisco router
Fri 18 September 2009 SSH login alert by mail Linux or Unix based systems
Sun 13 September 2009 Reinstall Checkpoint UTM-1 firewall, the hard way...
Tue 01 September 2009 Ping – setting don't fragment bit in Linux/Windows/FreeBSD/Solaris/Cisco/Juniper
Sat 20 June 2009 Don't rely on SmartViewTracker only - it may lie
Fri 19 June 2009 Failed to connect to Fortiguard servers
Wed 10 June 2009 You can't set duplex/speed settings of the Fortigate interfaces?
Thu 28 May 2009 Tracking the source of DDOS attack with Cisco IOS ip source tracking
Fri 08 May 2009 Checkpoint UTM Appliance or Open Server/Power ?
Sat 02 May 2009 Change password for console expert user Checkpoint Splat
Tue 21 April 2009 Debug VPN in Fortigate - seeing is believing
Thu 09 April 2009 Black hole routing to the rescue - Fortigate OS 4 surprise
Sat 07 March 2009 eSafe Certified Professional
Sat 17 January 2009 Cisco routers ip accounting to see most bandwidth abusing connections
Sat 06 December 2008 Finding the station/IP using/abusing most of the bandwidth – PIX/ASA
Sat 25 October 2008 Clear ARP table in Checkpoint
Fri 10 October 2008 Prevent brute force attack on VTY in Cisco IOS
Tue 23 September 2008 Manage VPN tunnels smartly: forget vpn tu,enter the vpn shell
Sun 21 September 2008 Autologin Expect scripts for telnet/ssh
Mon 15 September 2008 SSH session timeout in Checkpoint Firewall
Wed 10 September 2008 Telnet from inside Checkpoint firewall
Sat 06 September 2008 Aladdin Esafe defaults and some debug commands
Sat 06 September 2008 find tool patterns