Two tips to secure SSH access from specific IPs to specific users in Checkpoint or any Linux

Today I'll bring you two tips to secure SSH access to the Checkpoint firewall/Linux server beyond firewall rules itself. SSH access is the most powerful way to own the firewall so it should be secured to the paranoid level and even then it is never enough. Tip 1 Change …



'How to separate inbound and outbound data graphs in Nfsen Netflow tool '

As I said already ( here and here ) for gathering Netflow data, especially with security in mind, I deem Nfsen/nfdump to be the best. And with some easy 2-minutes tweaking I can always make it do exactly what I want. By default when you configure Cisco to export both ingress …



You can be Nmap hacker too - contribute new signatures in few easy steps and feel proud of yourself

NMAP is probably the most known long standing and community involved security-related project in the Open Source universe ever. And it is quite naturally to think that there is nothing left to be done to improve it by end users like us, and of course the opposite is the case …



Checkpoint firewall VPN debug cheat sheet

I love cheat sheets. Once I learn some product or technology to the level of understanding how it works I find the cheat sheets with all the options to run it and keep it handy. In case of the Checkpoint firewalls such cheat sheets are pretty much absent so I …



RSA servers have been hacked

Anything connected to the Internet will be hacked in someday and RSA is no exception.The open letter is here RSA Open Letter, but more interesting are best practices published in response to the attack - www.sec.gov



Cisco Netflow performance data

Not much of a post but link to the Cisco site stating how much Netflow loads the Cisco routers: Netflow data sheet I, personally, do a lot of Netflow monitoring and can say that on unloaded routers , passing 2-5 mbits/sec of traffic, the additional load will be some 1-2 …



My Amazon book list for CCIE Security Lab exam

Not limited to CCIE Security Lab only, of course, here is the list of books I find really useful in preparing for the Lab . Amazon Listmania list



Cisco ASA 5500 Series Content Security and Control Security Services Module or just CSC-SSM and how it looks

While the reason for me getting involved with this ASA 5510 module is of less interest (client was getting notification message " LogServer has recently stopped on InterScan for CSC SSM" , more about that at the end of the post) , the module itself looks cute , so I bring here some output …



How to enable SCP protocol on Checkpoint firewall for transferring files - video

Hi everyone, in this video I tell and show how to enable SCP file transfer in Checkpoint firewall. I am beta testing it at the present therefore a bit shy to present to the wide audience, but be sure to check later when this idea of my site goes public …



New Year present from Checkpoint - R75 download

New Year present from Checkpoint - R75 Well, saying 'present' I was a bit sarcastic - just another release in the NGX family - R75 , that is now available for download: R75 release . So go ahead , install it , use it, enjoy its new features and bugs and report back to the mothership . Note …