curiousecurity

Yet another blog about info & networking security this and that… Buzzword… Catchphrase…

  • Posts
  • About
  • Career
  • Education
  • Contact
  • LinkedIn
  • GitHub
  • Email

Checkpoint VSX Commands

June 4, 2012 by ryanhorst

This is a short list of Checkpoint VSX Commands that I am compiling as I continue to work with CheckPoint VSX systems.  The list is not comprehensive and may not work for everyone, so if you see errors, please contact me so I may correct them. Thanks! /ryan Check Point CLI "CP" Commands CLI Command Command Description vsx get View current shell context. vsx set Set context to VS with the ID . [Expert@FW-VSX-Gateway:0]# vsx set 3 Context is set to Virtual Device … [Read more...]

Filed Under: Firewall, Howto Article, Network Security Tagged With: CheckPoint, CLI

Check Point Quick Reference – FW Monitor

May 22, 2012 by ryanhorst

Overview: FW Monitor is a built-in firewall tool which needs no separate install on the device you wish to capture packets and interrogate connections. It is a functionality provided with the installation of the FW-1 package and syntax is also identical across all FW-1 installations. FW Monitor allows for sampling the connection from 4 different points in the firewall, can show NAT assignments or see if routing is working right. FW Monitor happens at the kernel level, but is not a packet … [Read more...]

Filed Under: Firewall, Linux, Network Security Tagged With: CheckPoint, CLI

Firewall Commands For Identifying Specific Routes

May 18, 2012 by ryanhorst

The Question: Using firewall commands, identify the route to specific destination/target without using the routing table (more specific) I was asked the question today, and blanked out... I have ran the Cisco and CheckPoint IPSO versions, but not Splat and still couldn't pull it from memory. Once I looked it up I felt silly, but knew it will be a good addition to my little knowledge repository. CheckPoint - IPSO: show route destination xx.xx.xx.xx Checkpoint - Splat: ip route get … [Read more...]

Filed Under: Firewall, Linux, Network Security Tagged With: CheckPoint, Cisco, CLI

Useful Stuff

March 5, 2012 by ryanhorst

This post is a quasi-holding place for uncategorized things at the moment, with no rhyme or reason as to why its here or somewhere else: SCP files from a linux box or firewall to another linux box: SYNTAX = scp /path/to/local/file user@remote_host:/path/to/file/on/remote/host EXAMPLE = scp /var/tmp/todays-date-kernel-debug.tgz user@firewall-hostname:/var/tmp/todays-date-kernel-debug.tgz … [Read more...]

Filed Under: Linux, Misc Tagged With: CLI

Check Point Firewall – Nokia IPSO CST Hanging or Taking Forever?

January 26, 2012 by ryanhorst

Is your Nokia IPSO CST Not finishing? Trying to run a CST on your Nokia, but seems to be taking forever? I have had the same issue on various Nokia security appliances running on IPSO 4.2 and older. The problem ended up being hung process that was spawned by the CST program. It seems that CST calls "fw tab -u -t", and sometimes it just gets hung up, but will look to the user like the whole CST process is just hung. Here is a sample so you can get a visual: FIREWALL123[admin]# cst IPSO … [Read more...]

Filed Under: Firewall, Howto Article, Linux, Network Security Tagged With: CheckPoint, CLI

Check Point Firewall – Interfaces Reordered Upon Upgrade

January 10, 2012 by ryanhorst

A few days ago, one of our Check Point IAS M6 Firefly equiped, R70.20 Splat clusters, had a member fail due to "PLANAR VOLTAGE FAILURE", so says the IBM iLO event log. Since this is not solved by a simple power supply replacement, so an RMA replacement unit from Check Point was obtained. The new device came pre-loaded with R65 and no HFA's or hotfixes. So we distributed R70 Splat to the box via Provider-1, upgraded and everything was happy, with us seemingly cruising along on a smooth … [Read more...]

Filed Under: Firewall, Howto Article, Linux, Network Security Tagged With: CheckPoint, CLI

Blue Coat Proxy – test http get

December 15, 2011 by ryanhorst

When troubleshooting user internet connection issues with a specific URL, that are returning the very unhelpful Blue Coat “TCP Error" message, I normally pop into the Blue Coat ProxySG appliance and run a test from the appliance to the URL in question. I will log into the ProxySG appliance via SSH, and issue the 'test http get' command below: test http get http://url-with-the-issue.xyz From this command you will receive enough information to identify if the site is having issues, maybe … [Read more...]

Filed Under: Howto Article, Linux, Network Security, Web Proxy Tagged With: BlueCoat, CLI, ProxySG

Blue Coat ProxySG – CLI Commands

December 15, 2011 by ryanhorst

Here is a list of Blue Coat ProxySG CLI commands, that I have compiled from my studies, Blue Coat documents, and places around the web. This is by no means an exhaustive or comprehensive list, but is rather meant to be a command line KB of sorts - mainly for my quick reference. The list is split into standard and privileged mode commands. If the list proves useful to you, please feel free to share the link with others. Also, if you see any typo's with anything, feel free to let me know! Blue … [Read more...]

Filed Under: Howto Article, Linux, Network Security, Web Proxy Tagged With: BlueCoat, CLI, ProxySG

Check Point Firewall – SPLAT CLI Commands

December 14, 2011 by ryanhorst Leave a Comment

Here is a list of SPLAT CLI Commands commands for Checkpoint Secure Platform, that I have compiled from my studies, checkpoint documents, and places around the web. This is by no means an exhaustive or comprehensive list, but is rather meant to be a command line KB of sorts - mainly for my quick reference. The list is split into CP and FW commands. If the list proves useful to you, please feel free to share the link with others. Also, if you see any typo's with anything, feel free to let me … [Read more...]

Filed Under: Firewall, Howto Article, Linux, Network Security Tagged With: CheckPoint, CLI