Cisco router – how to schedule an unattended reload with EEM

Today a colleague of mine asked if I had a ready-to-use template to schedule a reload of Cisco IOS router . - "Of course, piece of cake, there should be millions of hits on it in Google" , was my thought. So, after 30 minutes of searching the mighty Google and being surprised …



Enable SNMP v3 in Checkpoint video walkthrough

SNMP version 3 has been with us for so many years but so very few Checkpoint folks use it that I decided to do this screencast/video showing how to enable and use SNMP v3 in Checkpoint firewall. NOTE - the language of narration is Hebrew . http://vimeo.com/22473169 Follow …



Two tips to secure SSH access from specific IPs to specific users in Checkpoint or any Linux

Today I'll bring you two tips to secure SSH access to the Checkpoint firewall/Linux server beyond firewall rules itself. SSH access is the most powerful way to own the firewall so it should be secured to the paranoid level and even then it is never enough. Tip 1 Change …



'How to separate inbound and outbound data graphs in Nfsen Netflow tool '

As I said already ( here and here ) for gathering Netflow data, especially with security in mind, I deem Nfsen/nfdump to be the best. And with some easy 2-minutes tweaking I can always make it do exactly what I want. By default when you configure Cisco to export both ingress …



You can be Nmap hacker too - contribute new signatures in few easy steps and feel proud of yourself

NMAP is probably the most known long standing and community involved security-related project in the Open Source universe ever. And it is quite naturally to think that there is nothing left to be done to improve it by end users like us, and of course the opposite is the case …



Checkpoint firewall VPN debug cheat sheet

I love cheat sheets. Once I learn some product or technology to the level of understanding how it works I find the cheat sheets with all the options to run it and keep it handy. In case of the Checkpoint firewalls such cheat sheets are pretty much absent so I …



RSA servers have been hacked

Anything connected to the Internet will be hacked in someday and RSA is no exception.The open letter is here RSA Open Letter, but more interesting are best practices published in response to the attack. Follow me on https://www.linkedin.com/in/yurislobodyanyuk/ not to miss what I publish …



Cisco Netflow performance data

Not much of a post but link to the Cisco site stating how much Netflow loads the Cisco routers: Netflow data sheet I, personally, do a lot of Netflow monitoring and can say that on unloaded routers , passing 2-5 mbits/sec of traffic, the additional load will be some 1-2 …



My Amazon book list for CCIE Security Lab exam

Not limited to CCIE Security Lab only, of course, here is the list of books I find really useful in preparing for the Lab . Amazon Listmania list Follow me on https://www.linkedin.com/in/yurislobodyanyuk/ not to miss what I publish on Linkedin, Github, blog, and more.



Cisco ASA 5500 Series Content Security and Control Security Services Module or just CSC-SSM and how it looks

While the reason for me getting involved with this ASA 5510 module is of less interest (client was getting notification message " LogServer has recently stopped on InterScan for CSC SSM" , more about that at the end of the post) , the module itself looks cute , so I bring here some output …