Ever wondered how much does ip addresses allocation cost to your service provier ?

Ever wondered how much does IP addresses allocation really cost to your provider? Well, that is easy. If we talk about the RIPE IP address space (majority today) then they have published their fees for PI (Provider Independent) allocations for LIRs (Local Internet Registry) which is by coincidence your ISP …



Public DNS servers open to any on the Internet

Following the good will by Google many other providers made their DNS servers available to us without any limitations as recursive resolvers. As they do not announce it widely enough you may not have heard abouth them, here is the list of these DNS servers: OpenDNS/Cisco Umbrella: 208.67 …



Linux ip route command reference by example

NOTE: All the commands below take effect immediately after you hit Enter, and do NOT survive reboot. ip address ip address show #show all IP addresses (also ip ad sh), mtu, MAC addresses ip address show ens36 #show IP addresses of a particular interface ip address show up #only show …



Free public NTP servers from Google

It has passed somewhat unnoticed but Google have made available to us their free, accessible to all NTP servers. I have been using their DNS servers for years without any issues so will trust their NTP ones as well. So far works just fine. For a single server we can …



Disconnect VPN or Mobile Access or SNX user from Check Point firewall

You may need occasionally to disconnect some or all connected users from the firewall forcibly. There are few ways I can think about to do so, for example installing Security Policy clears the cached authentication of the remote users, and while it does not disconnect them it will force a …



On what Linux version do Check Point firewalls run ?

Throughout its history CheckPoint firewall changed versions and names, incorporated other products. The last, so far, evolution has been the Gaia operating system released in 2012. All this holds true of course but nevertheless the base platform for the firewall all these years has been Red Hat Enterprise Linux server …



Configure SSL protocol version used in SSL VPN by Check Point

With a lot of attention recently to the SSL protocol vulnerabilities browser vendors increase security of their SSL implementation almost daily. One of the recommendations is to use the most up to date SSL version available. Check Point for its SSL based VPNs (by the way it is the same …



Add free disk space to Check Point appliance hard disk

With previous generation of Check Point UTM appliances (so called UTM-1 which included UTM 132, 270, 450 etc.) it was a really nagging issue when firewall run out of space on its hard disk. It was especially problematic for the root partition cause it is used for update downloads, upgrade …



Check Point Gaia route missing after adding via ip route add problem

Check Point Gaia route missing after adding via ip route add problem Well, it is actually a feature not a bug of all Check Point firewalls working on Gaia. If you haven't noticed as opposed to good old SPLAT firewall platform the Gaia is selective about which routes to propagate …



RHEL get firewall zones and their interfaces in one go

The firewall-cmd doesn't have an option to show all zones and to which one the server interfaces belong, so here is a one-line to show that: #for ii in `ls /usr/lib/firewalld/zones/`; do echo ${ii%%.xml}: ; firewall-cmd --zone=${ii%%.xml} --list-interfaces; done The output: block: dmz: drop: external …