I updated the script and moved it to the 1st page : http://yurisk.info/2012/01/31/awk-weekly-rule-hits-statistics-checkpoint-again/ Follow me on https://www.linkedin.com/in/yurislobodyanyuk/ not to miss what I publish on Linkedin, Github, blog, and more.
Goooood day everyone again, today I have had another fight with the spam that my client fell victim of. Once upon a time there was not so powerful UTM providing internet to not so crowded office in not so security-aware Central Europe. All would be good and well if not …
I am using Cisco IPS sensor 4235 unless specified otherwise Initial Configuration. By default , out of the box the sensor has the following defaults: Management IP: 10.1.9.201/24 Default gateway: 10.1.9.1 Allowed access: from the network 10.1.9.201/24 Telnet access: disabled …
Until recently I had never had any need to work with Checkpoint log files without SmartView Tracker. But there is always first time . Client complained on some dropped mail traffic and to even say if there is any problem or not I had to look at relevant logs, not a …
Once upon a time reading some CCIE paper at work I asked myself a question : “Why would someone bother to invent ttl-security and even write RFC 5082 The Generalized TTL Security Mechanism (GTSM) about it when multi-hop EBGP feature provides the same end result ?” . First some background. For some reasons …
Yesterday I looked at the Checkpoint VPN Secure Client issue . After an upgrade from NGX R65 to R70 VPN client doesn't connect when Visitor mode is enabled . The moment you disable Visitor mode the same client to the same firewall works just fine. This happens often so I bring it …
There is something I didn’t include in the previous post fw monitor command reference about fw monitor as I think it is rather optional and you can do well without it . I talk about using tables in defining filter expressions. INSPECT – proprietary scripting language by the Checkpoint on which …
UPDATE 2019: I updated the access details below. Also, if you work for a Fortinet partner you can request access to the demo appliances via Partner's Portal. As someone said best things in life are free. Here are links to the demo Forigate firewall, ForiAnalyzer and FortiManager open to access …
I once showed SSH login alert the way to send mail alert on successful login by ssh to any Linux-based machine , including Checkpoint firewalls. Now, thanks to folks at cpug.org that draw my attention to it, I will show how to get mail Alert on ANY rule in the …
Finally it is here – built-in sniffer on the Cisco IOS platform ! Starting IOS 12.4(20) release Cisco introduces brand new feature called Embedded Packet Capture (EPC) that allows us to capture raw packets on the Cisco router and then later analyze it offline. It can capture any traffic passing …