This is the first time I was disappointed by the cisco.com . I had a simple task at hand – configure SMTP inspection in ASA 8.0(3) and cisco.com documentation didn’t help me at all. But first the task:Secure internal mail server by preventing it from sending …
This comes from unpleasant experience of mine. One of my clients’ domain records (MX for the case involved) was mistakenly changed. While it was a human error and trying to fix humans is rolling the rock of Sisyphus,damage would be much lesser had I known about the change immediately …
Do we need to fix all the problems all the time ? My answer is no. Also I believe in good solution today and dismiss ideal solutions tomorrow. Let me show this on the real case with one of the clients. Client has Checkpoint, lots of Checkpoint, just heaps of it …
To create VLAN in Solaris you have to first decide where the Physical Point of Attachment (PPA) will be. In other words you have to attach VLAN to some physical interface on the server , as of now interface types that support VLANs are: - ce - bge - xge - e1000g After you decided …
How do you calculate md5 hash ? md5sum of course, I thought ,coming from the Linux world and was wrong. In Solaris , again, all that comes from the open source projects is add-at-your-own-risk paradigm. Instead, the native crypto provider supplies hash calculations with the digest command: # digest -l sha1 md5 sha256 …
How do I encrypt local file in Solaris ? On Linux I use either OpenSSL or GPG but these are both open source projects not native in the Solaris land. For this Solaris has encrypt/decrypt tools which do what their name say. And of course we talk here about symmetric …
Radius Athentication - I got asked few times on this feature, and as surfing through the Checkpoint docs can be a bit tedious, I‘ll put it here. SSH user authentication against external server, in this case using Radius protocol, is possible but only if you have VPN Pro featured firewall …
This one will be short, just a link to the Tobias Lachmann blog where he shows how using dmidecode you can know what is the version of the UTM you are logged in. Determine UTM-1 appliance series from cli ~~blog.lachmann.org/?p=172~~ the site is down, look here …
Today I want to draw your attention to often overlooked information source – Checkpoint state tables. While running, the firewall creates, keeps and updates various tables it needs for correct functioning. These tables contain parameters that are mostly of use for firewall itself, but you can query them on the cli …
SUN Solaris FTP SUN Solaris comes with ftp daemon based on WU-FTPd Washington University project. While not being very enthusiastic about its vulnerabilities discovered over the years and being rather abandoned by its developers ,still, it comes installed by default and as long as Sun ok with that it is …