Checkpoint SNX 75 does work on Mac OS X 10.8 Mountain Lion

While not mentioned explicitly in Release Notes for SNX 75 (it lists there only Mac OS X 10.7, 10.7.1, 10.7.2 Lion, 32-bit and 64-bit as supported versions) , it does work with new version of Apple Mac. Yesterday I did it for R71.40 and it …



Agressive scans from 69.175.126.170 - HD Moore is trying to save the Internet

I've been seeing this for some time so you will see it soon too. We speak here mostly about SNMP probes coming from a set of very specific IPs. If you do a search on IP you get to the webpage below http://critical.io (web site is not up …



SCP file transfers and Checkpoint R75 problems

There is a known issue with transferring big files (bigger than 1 Mb) from/to SecurePlatform firewall by Checkpoint. The file transfer fails with some error about buffers. The problem is that Checkpoint SPLAT comes with old opensshd daemon , which has a bug in it dated 2006 ( https://bugzilla.redhat …



How to enroll Cisco VPN client with IOS CA

It is worth mentioning that Cisco IOS routers can serve as CA servers as well. The example configurations are easy to find on the cisco.com (see link below). The only trick to know not stated in the documentation - when enrolling Cisco VPN client with IOS CA the syntax you …



Check duplex and speed settings of all interfaces in one go

One of the first things you do when checking connectivity issues on the Checkpoint (or any networking gear for that matter) is to see speed and duplex parameters of the interfaces. But have you tried to do it on a firewall with 15-20 interfaces ? No fun entering one by one …



Funny way to expire Antispam license in Checkpoint

After years with Checkpoint products I came to conclusion that if you don't have logical explanation why something doesn't work, it is most probably license issue. My client stopped getting emails behind UTM-132 at some remote branch . Doing the basics - telnet to port 25 (Checkpoint answered as it should), Exchange …



Finally GEO location blocking has arrived to Fortigate

It was predictable thing for Fortinet to do as everyone else has already been doing so. I haven’t verified myself but according to the informed source (can only say his name - Hen) they are using Maxmind database . So let’s see how to do it . First you create in …



Convert Fortigate diagnose sniffer packet output into tcpdump format understood by Wireshark

Running diagnose sniffer packet on Fortinet Fortigate unit outputs human-readable packet information and packet data . Only that sometimes you would like to have the traffic sniffed at Fortigate in Wireshark-readable format so that it can be analyzed by all powerful Wireshark. For this case Fortinet came up with the script …



awk weekly - Security rule hits statistics . Checkpoint

As I mentioned before once you export firewall logs into human-readable format you can do lots of interesting things - for example script that gives statistics of how many times each Security rule was hit . Be aware that this counts explicit Security rules only - i.e. the ones you see in …



Time-based access limiting on Checkpoint or any Linux for any network service

Time-based access-lists in Cisco world are available since ... last century for sure. But is it possible that Linux doesn't have anything like that ? No way - of course it can do and do it better. Here is how . Access control based on time of the day is available via pam module …