When adding an authentication action to a rule there are 3 types, User Session Client User authentication works by intercepting connects going through the FW-1 and prompting the user for authentication. To do this the firewall has to modify the traffic, so this authentication type can only be used with FTP, HTTP, Telnet and RLOGIN. … Read more
There are many types of NAT in the land of Check Point. Here’s a quick overview, Static NAT – One to one translation Hide/Dynamic NAT – Allows you to NAT multiple IPs behind one IP/Interface Automatic NAT – Quick basic address NAT translation. Manual NAT – Allows greater flexibility over automatic NAT. Proxy ARP is … Read more
Introduction Client and Server side NAT relates to when we perform destination NAT`ing. The “Translate destination on Server side” option is an legacy option which was included due to pre NG versions of checkpoint using Server-Side NAT. Client Side NAT – The destination address is NAT`d by the inbound Kernel Server Side NAT – The … Read more
Below will grep for all files containing the word ssh at the beginning of the line. The BOL symol is ^. grep -r ^ssh /etc
You will need to have already set your interfaces to inside and outside using the commands, ip nat ouside ip nat inside Once done you can add the command below. This would allow the IP 10.8.8.8 to be accessed on port 23 via the IP address of the interface fa 0/0 using port 2333. ip … Read more
Here’s a quick overview of Syslog, there’s much more to it and you can find tons more information in the links at the bottom of the page. Syslog stands for the System Log protocol. It allows for the sending and receiving of event messages and alerts across an IP network. Operating on either UDP or … Read more
To setup logging on your Cisco switch is pretty straight forward, you enable logging, you tell it what to log and then were to send it. Below is an example, Switch1#config t Enter configuration commands, one per line. End with CNTL/Z. Switch1(config)#logging ? Hostname or A.B.C.D IP address of the logging host buffered Set buffered … Read more
Issue I cannot install via apt-get as I get the message, E: Package ssh has no installation candidate When running apt-get install [package name] you get, root@ubuntu:~$ sudo apt-get install sshReading package lists… DoneBuilding dependency treeReading state information… DonePackage ssh is not available, but is referred to by another package.This may mean that the package … Read more
Below should the configuration steps for adding a default gateway to Debian. root@host:~$ route add default gw [ip address] Note : Remember to add it (to survive a reboot) to your ‘/etc/network/interfaces’.Add the following entry to required interface within the interface file – gateway [ip address] Below is an example : auto eth0iface eth0 inet … Read more
How do I configure proxy ARP on my SPLAT firewall ? There are 2 ways to get a packet to a firewall. A Route or a Proxy ARP. Using routes is the perferred method but it may be the case where you havent access to the routers and need to use Proxy ARP. Please note: … Read more