Linux – cp: omitting directory error
When trying to use the cp command you receive the error message, cp: omitting directory This can be overcome by using the -r option, cp -r [source file] [destination file]
Check Point – Unable to delete administrator
If you cannot delete the administrator via cpconfig, or the fwm commands then remove the administrator (the complete line) from the following file /$FWDIR/conf/fwmusers
BASH – Adding coloured text
This will simply print your text in red. echo -e ‘\E[31mThis prints in red.’; tput sgr0 If you need any further information or want to know how to add bold, underlining, or background colours to your text click here.
Windows – How to add a route
Go to the Command Prompt via `Start / Run / CMD`. And use the following syntax, Add a route route -p add [Destination] MASK [Mask] [Gateway] Remove a route route -p delete [Destination] MASK [Mask] [Gateway] Example This would add a route to network 10.1.1.0/24 via your gateway address of 192.168.1.100. route -p ADD 10.1.1.0 MASK … Read more
Check Point – Ive pushed the Wrong Policy
Issue There may be a time where you install the wrong policy onto a Check Point Firewall. This can block your connections, and screw which traffic is allowed through the firewall. Resolution These steps will show you how to remove and reinstall the correct policy via the CLI on the manager (SCS), 1. First of … Read more
PIX to Check Point Sample VPN Configuration
Below provide sample configurations required for building a site to site VPN between a Cisco PIX and a Check Point Firewall. PIX Configuration (config)#isakmp enable outside (config)#isakmp policy 10 (config-isakmp-policy)# encryption aes-256 (config-isakmp-policy)# hash sha (config-isakmp-policy)# authentication pre-share (config-isakmp-policy)# group 1 (config-isakmp-policy)# lifetime 86400 (config)#isakmp key shabba address 1.1.1.1 netmask 255.255.255.255 no-xauth (config)#access-list ED … Read more
Check Point – Moving Files using SCP
Method 1 Even though this maybe more of an article for the Linux area, the only reason I came across this is trying to move the output of a upgrade_export from my SPLAT box, so hence it being under Firewalls – Check Point. If you keep getting prompted with a password box when trying to … Read more
Linux – Unable to send email using Postfix
Below outlines the issue and resoultion when trying to send email using Postfix. Issue When trying to send an email on my linux platform I get the following error message in my mail.log ?? The IP you’re using to send mail is not authorized 550-5.7.1 to send email directly to our servers. Please use the … Read more
Check Point – Stealth / Drop Rule
Stealth Rule The first rule in the rule base which prevents access to the firewall itself. Implicit Drop / Clean Up Rule This is added by the firewall at the bottom of the rule base. Its role is to drop any traffic that hasn’t been matched to any of the previous rules.
Check Point – Debugging NAT
In order to debug NAT on a checkpoint we need to obtain information via the following, Set the debugging buffer to 2 KB Enable 2 debugging flags Output your data Then to reset the debugging flags. The commands are, fw ctl debug -buf 2048fw ctl debug xlate srcfw ctl kdebug -f >& /tmp/kdebug.outfw ctl debug … Read more