Clik here to view.
The D-day for CheckPoint UTM-1 Edge Appliances happened today – reboots are...
Photo courtesy of The Voice of Russia http://english.ruvr.ru/ Today we (ISP) have got reports from the clients that all their UTM Edge devices did a reboot early at night, at about 03:00 AM Israel time...
View ArticleNew spam on the block
May be not new , but new to me – spam mails that instead of direct links to their websites list links cached in google. So , you get in the email not http://degayfisk.com/ but...
View ArticleCCIE Security travel diaries are here
Bonjour à tous , as they say in Brussels (sorry – Bruxelles) . I started a new blog about preparing/thinking/sweating/labbing for/about/for/in Cisco CCIE Security Lab exam. You are welcome to read it...
View ArticleRSA servers have been hacked
Anything connected to the Internet will be hacked in someday and RSA is no exception.The open letter is here Open Letter, but more interesting are best practices published in response to the attack –...
View ArticleClik here to view.
How to separate inbound and outbound data graphs in Nfsen Netflow tool
As I said already ( here and here ) for gathering Netflow data, especially with security in mind, I deem Nfsen/nfdump to be the best. And with some easy 2-minutes tweaking I can always make it do...
View ArticleTwo tips to secure SSH access from specific IPs to specific users in...
Today I’ll bring you two tips to secure SSH access to the Checkpoint firewall beyond firewall rules itself. SSH access is the most powerful way to own the firewall so it should be secured to the...
View ArticleClik here to view.
Enable 2 factor authentication to protect your Gmail account if you have not...
Today i did an improvised poll at work who is using the 2 factor authentication with their Gmail mail account and got only one positive answer – me . The question was in turn inspired by the article in...
View ArticleTime-based access limiting on Checkpoint or any Linux for that matter
Time-based access-lists in Cisco world are available since … last century for sure. But is it possible that Linux doesn’t have anything like that ? No way – of course it can do and do it better. Here...
View ArticleFunny way to expire Antispam license in Checkpoint
After years with Checkpoint products I came to conclusion that if you don’t have logical explanation why something doesn’t work, it is most probably license issue. My client stopped getting emails...
View ArticleCheck duplex and speed settings of all interfaces in one go
One of the first things you do when checking connectivity issues on the Checkpoint (or any networking gear for that matter) is to see speed and duplex parameters of the interfaces. But have you tried...
View Article
