While I don't like going down to Layer 2 , recently I had to do it - I didn't know IP address of the Cisco router I wanted to connect to but I had access to the Cisco router sitting in the same network. That would be pretty easy to do #show …
Updated for 2022. Some links to download Microsoft Visio stencils of the most popular vendors. Juniper Cisco Avaya BlueCoat Fortinet Palo Alto Networks Dell Requires registration Checkpoint happen not to have official stencils set, only Nokia appliances stuff can be found. So someone volunteered and using icons/press releases/PowerPoint …
The answer is surprisingly simple – at the Checkpoint.com . On the home page there is a link to download their products Try Our Products (SPLAT, SmartDefense, Endpoint). You need a free General account in UserCenter, then you fill general questions form and get a link to download the real production …
I’ve been doing Checkpoint quite a lot, actually for years now. And this inevitably involves communicating with the Checkpoint Technical Assistance Centre (TAC) . And while you can easily come up with impression that it is pretty bad (look around at cpug.org) for heated flames about that), my view …
Working with interfaces in Solaris is pretty much the same as in Linux - you've got ifconfig, netstat,route. It looks in output a bit different but if you're used to the *BSD way of things you'll find yourself at home. So the most basic thing follows - bring interface up, assign …
Of course you know what the good password should be - random letters including capitals, peppered with numbers and enhanced with printable control characters. The only problem with these recommendations is that there are very few people in the world that can memorize such incomprehensible sequence of chars. So if someone …
As a follow up to yesterday's post I thought it would be interesting to know statistics of the usernames used in those brute force probes. Find below awk/sed script to get usernames for failed ssh login attempts from OpenSSH daemon and sort it for statistics. Also I attach the …
SSH brute forcing is still in high demand. I have , for my own testing and pleasure, virtual servers scattered around the world. All of them being of the Linux/BSD family I manage by SSH. Also I have on purpose no static IP at home for various reasons (saving me …
I happen from time to time to configure from scratch some Checkpoint UTM/Open Server that is thousand miles away. And from experience the best way to do it is when you have out-of-band fast access to the firewall. Of course not always such well-organized beforehand set up is available …
Not a groundbreaking idea but worth remembering that you can also run scheduled fw monitor using the cron. In case you have some problem occurring at the late night hours or you want to run debug at night when system is loaded less or put your case here this is …