IT Security & Network Engineering Knowledge Base

Practical documentation and technical guides on network security, firewalls, Linux systems, monitoring, and automation.
We feature technical articles across the entire IT spectrum, built from real-world experience and continuously updated.

Check Point – I've Pushed the Wrong Policy

Issue: There may be a time when you install the wrong policy onto a Check Point firewall. This can block your connections and break which traffic is allowed through the firewall. Resolution: These steps show how to remove and reinstall the correct policy via the CLI on the manager (SCS). 1. First of …

PIX to Check Point Sample VPN Configuration

Below are sample configurations required for building a site-to-site VPN between a Cisco PIX and a Check Point firewall.

PIX Configuration
(config)#isakmp enable outside
(config)#isakmp policy 10
(config-isakmp-policy)# encryption aes-256
(config-isakmp-policy)# hash sha
(config-isakmp-policy)# authentication pre-share
(config-isakmp-policy)# group 1
(config-isakmp-policy)# lifetime 86400
(config)#isakmp key shabba address 1.1.1.1 netmask 255.255.255.255 no-xauth
(config)#access-list ED …

Check Point – Moving Files using SCP

Method 1: Even though this may be more of an article for the Linux area, the only reason I came across this is trying to move the output of an upgrade_export from my SPLAT box, hence it being under Firewalls – Check Point. If you keep getting prompted with a password box when trying to …

Linux – Unable to send email using Postfix

Below outlines the issue and resolution when trying to send email using Postfix. Issue: When trying to send an email on my Linux platform I get the following error message in my mail.log: The IP you’re using to send mail is not authorized 550-5.7.1 to send email directly to our servers. Please use the …

Check Point – Stealth / Drop Rule

Stealth Rule: The first rule in the rule base, which prevents access to the firewall itself.

Implicit Drop / Clean Up Rule: This is added by the firewall at the bottom of the rule base. Its role is to drop any traffic that hasn’t been matched by any of the previous rules.

Check Point – Debugging NAT

In order to debug NAT on a Check Point we need to obtain information via the following: set the debugging buffer to 2 KB, enable 2 debugging flags, output your data, then reset the debugging flags. The commands are:
fw ctl debug -buf 2048
fw ctl debug xlate src
fw ctl kdebug -f >& /tmp/kdebug.out
fw ctl debug …

Check Point – Acronyms

FWM    Firewall Management, e.g. the SmartCenter
ICA    Internal CA, normally SmartCenter
SIC    Secure Internal Communication
SCS    Smart Centre Server
VTI    Virtual Tunnel Interface (VPNs)
MDG    Multi Domain GUI (Provider-1)
MDS    Multi Domain Server, Manager or Container (Provider-1)
CMA    Customer Management Add-on (Provider-1) – “Smart Center Server”
MLM    Multi Customer Log Module (Provider-1)
CLM    Customer Log …

UNIX – TCP/IP Stack Modifications

Solaris

Prevent DoS
/usr/sbin/ndd -set /dev/tcp tcp_conn_req_max_q 1024
/usr/sbin/ndd -set /dev/tcp tcp_conn_req_max_q0 2048
/usr/sbin/ndd -set /dev/tcp tcp_time_wait_interval 60000
/usr/sbin/ndd -set /dev/ip ip_respond_to_echo_broadcast 0
/usr/sbin/ndd -set /dev/ip ip_forward_directed_broadcasts 0

Disable redirects
/usr/sbin/ndd -set /dev/ip ip_ignore_redirect 1
/usr/sbin/ndd -set /dev/ip ip_send_redirects 0

Disable source routing
/usr/sbin/ndd -set /dev/ip ip_forward_src_routed 0

Linux Kernel 2.2

Prevent DoS
/sbin/sysctl -w net.ipv4.tcp_max_syn_backlog=1280
/sbin/sysctl -w net.ipv4.vs.timeout_timewait=60
/sbin/sysctl -w net.ipv4.icmp_echo_ignore_broadcasts=1
…

Check Point – QoS

DiffServ (Differentiated Services): A layer 3 protocol, defined by the IETF, used for adding QoS to IP networks.

WFRED (Weighted Flow Random Early Drop): A process for managing packet buffers by dropping packets during periods of network congestion. This is transparent to the user and requires no configuration.

IQ (Intelligent Queuing Engine): Using information from the Check Point INSPECT engine …