While the reason for me getting involved with this ASA 5510 module is of less interest (client was getting notification message " LogServer has recently stopped on InterScan for CSC SSM" , more about that at the end of the post) , the module itself looks cute , so I bring here some output …

Hi everyone, in this video I tell and show how to enable SCP file transfer in Checkpoint firewall. I am beta testing it at the present therefore a bit shy to present to the wide audience, but be sure to check later when this idea of my site goes public …

New Year present from Checkpoint - R75 Well, saying 'present' I was a bit sarcastic - just another release in the NGX family - R75 , that is now available for download: R75 release . So go ahead , install it , use it, enjoy its new features and bugs and report back to the mothership . Note …

Hello, fellow checkpoint-heads. I know you have been waiting for this for a long long time, and now it happens - Checkpoint announced that Check Point Certified Master Architect Certification lab can be taken at "convenience of your desktop" - that is Online. You don't need to ride your horses over the …

People ask me frequently what software I would recommend for Netflow analysis , especially with security implementations in mind. I made my choice a long ago and haven't been complaining so far - Nfsen graphical frontend that has Nfdump as its data processing backend . It provides most flexibility, configurability; its filter syntax …

This is a not critical but rather annoying bug in the Checkpoint Edge devices firmware 8.1.x preventing any host behind it to reach class A network 2.0.0.0/8 . If you notice this problem then it is most probably because recently the pool 2.16.0 …

Once upon a time I mentioned that blocking Facebook is easy as they have a uniform IP addresses pool . Since then they added more , here is the new and old pools: NetRange: 69.63.176.0 - 69.63.191.255 CIDR: 69.63.176.0/20 OriginAS: AS32934 NetName: TFBNET2 …

Nothing new here , just a round-up of the commands/configs I happen to need from time to time. Google probably has better references for that.I talk about Pf firewall used in FreeBSD, OpenBSD and Solaris systems. Enable and disable firewall: pfctl –e Enable packet filter real time pfctl –ef …

Today we have got reports from the clients that all their Check Point UTM-1 Edge devices did a reboot early at night, at about 03:00 AM Israel time 31st of October. While no official press-release has been seen so far from the Checkpoint, looking at cpug.org posts where …

Cisco gear has a well-known behaviour pattern that when you telnet to some weird and closed port on Cisco you get the uniform response of “Connection refused” . To add more precision it happens when a terminal line management access is enabled on the Cisco but your IP is not in …