SSH brute force is on the rise, awk script to count failed SSH attempts

SSH brute forcing is still in high demand. I have , for my own testing and pleasure, virtual servers scattered around the world. All of them being of the Linux/BSD family I manage by SSH. Also I have on purpose no static IP at home for various reasons (saving me …



Change IP address on the interface without losing the connection

I happen from time to time to configure from scratch some Checkpoint UTM/Open Server that is thousand miles away. And from experience the best way to do it is when you have out-of-band fast access to the firewall. Of course not always such well-organized beforehand set up is available …



Schedule fw monitor to run unattended via cron

Not a groundbreaking idea but worth remembering that you can also run scheduled fw monitor using the cron. In case you have some problem occurring at the late night hours or you want to run debug at night when system is loaded less or put your case here this is …



SMTP inspection with policy-map in ASA

This is the first time I was disappointed by the cisco.com . I had a simple task at hand – configure SMTP inspection in ASA 8.0(3) and cisco.com documentation didn’t help me at all. But first the task:Secure internal mail server by preventing it from sending …



Alert on change of SOA in domain

This comes from unpleasant experience of mine. One of my clients’ domain records (MX for the case involved) was mistakenly changed. While it was a human error and trying to fix humans is rolling the rock of Sisyphus,damage would be much lesser had I known about the change immediately …



FTP inside VPN Checkpoint troubles

Do we need to fix all the problems all the time ? My answer is no. Also I believe in good solution today and dismiss ideal solutions tomorrow. Let me show this on the real case with one of the clients. Client has Checkpoint, lots of Checkpoint, just heaps of it …



Configure VLAN Solaris way

To create VLAN in Solaris you have to first decide where the Physical Point of Attachment (PPA) will be. In other words you have to attach VLAN to some physical interface on the server , as of now interface types that support VLANs are: - ce - bge - xge - e1000g After you decided …



md5 and sha1 hashing in Solaris

How do you calculate md5 hash ? md5sum of course, I thought ,coming from the Linux world and was wrong. In Solaris , again, all that comes from the open source projects is add-at-your-own-risk paradigm. Instead, the native crypto provider supplies hash calculations with the digest command: # digest -l sha1 md5 sha256 …



Encrypting local files in Solaris

How do I encrypt local file in Solaris ? On Linux I use either OpenSSL or GPG but these are both open source projects not native in the Solaris land. For this Solaris has encrypt/decrypt tools which do what their name say. And of course we talk here about symmetric …



Authenticating ssh access on the Checkpoint using external Radius server

Radius Athentication - I got asked few times on this feature, and as surfing through the Checkpoint docs can be a bit tedious, I‘ll put it here. SSH user authentication against external server, in this case using Radius protocol, is possible but only if you have VPN Pro featured firewall …