Restart SNMP daemon on Checkpoint

While not being anything noticeable by itself, the problem was that all monitored snmp values were normal but cpu showed 100% on the Open server with 8 CPUs , it did remind me that you should always record the current state before doing the changes. As I said it was an …



Query non-standard port of SNMP with snmpwalk

TLDR: Add colon to the IP address (no space), then the custom port. Sometimes the simple things are the ones to perplex us the most . Today I needed to add an SNMP monitoring of the Radware Linkproof load balancer listening on the port 7777 . Not a big deal, I thought …



Break free from the GUI dependency – checking Fortigate logs on the cli.

Fortinet are doing a lot to keep us away from the command line. And that’s ok in 95% of the cases. But sooner or later you come to meet the 5% of the bad and the ugly when you have no access to the GUI at all. One late …



MAC finder script

While I don't like going down to Layer 2 , recently I had to do it - I didn't know IP address of the Cisco router I wanted to connect to but I had access to the Cisco router sitting in the same network. That would be pretty easy to do #show …



Visio stencils for Cisco, Juniper, Fortinet, Checkpoint, Avaya Updated for 2020

Updated for 2022. Some links to download Microsoft Visio stencils of the most popular vendors. Juniper Cisco Avaya BlueCoat Fortinet Palo Alto Networks Dell Requires registration Checkpoint happen not to have official stencils set, only Nokia appliances stuff can be found. So someone volunteered and using icons/press releases/PowerPoint …



Where do I download the Checkpoint Splat/Gaia image

The answer is surprisingly simple – at the Checkpoint.com . On the home page there is a link to download their products Try Our Products (SPLAT, SmartDefense, Endpoint). You need a free General account in UserCenter, then you fill general questions form and get a link to download the real production …



8 Things to do before opening ticket with Checkpoint

I’ve been doing Checkpoint quite a lot, actually for years now. And this inevitably involves communicating with the Checkpoint Technical Assistance Centre (TAC) . And while you can easily come up with impression that it is pretty bad (look around at cpug.org) for heated flames about that), my view …



Solaris interfaces – create assign delete

Working with interfaces in Solaris is pretty much the same as in Linux - you've got ifconfig, netstat,route. It looks in output a bit different but if you're used to the *BSD way of things you'll find yourself at home. So the most basic thing follows - bring interface up, assign …



How to choose the password that noone can guess and you cant remember

Of course you know what the good password should be - random letters including capitals, peppered with numbers and enhanced with printable control characters. The only problem with these recommendations is that there are very few people in the world that can memorize such incomprehensible sequence of chars. So if someone …



Top 10 usernames used in SSH brute force

As a follow up to yesterday's post I thought it would be interesting to know statistics of the usernames used in those brute force probes. Find below awk/sed script to get usernames for failed ssh login attempts from OpenSSH daemon and sort it for statistics. Also I attach the …