tag:blogger.com,1999:blog-22925279914649619792012-01-29T18:29:12.919+05:30This site is helpful for people who are working in the area of Network and Information security and also for those who want to start their career with these field.Mostly i am posting about firewall technology and product knowledge i am giving here on Checkpoint firewall.shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.comBlogger291100tag:blogger.com,1999:blog-2292527991464961979.post-28734941007710804462011-12-12T11:13:00.000+05:302011-12-12T11:13:18.096+05:30

http://www.theacademypro.com/

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-79885159918405054902011-06-21T11:25:00.000+05:302011-06-21T11:25:07.366+05:30

cisco firewall 0.What is stateful inspection & Packet filtering.Whats the difference ? 1.What is Adaptive security algorithm? 2.what are the default security levels for interfaces in firewall? 2.How would the firewall treat a TCP and UDP packets when it crosses the firewall ? 3.Tell me abt the different types of nat? 3.What is the order of nat ? 4.what is nat control ? 5.What are the

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-49603126160729782842011-06-13T11:01:00.000+05:302011-06-13T11:01:07.272+05:30

R70.20 Upgradation Procedure: Step1: Take the configuration Backup of both the Nokia Appliances. Step2: Take the Backup of Static Routes. Step3: Connect the laptop to Console & Management interface eth3 of the Secondary Firewall Appliance. Step4: Keep the below checkpoint Wrapper packages in FTP server path of Laptop. a) Check_Point_R70.20.ipso6.tgz b) Check_Point_R70.IPSO.tgz c)

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-63295680507643969542010-10-14T10:54:00.004+05:302010-10-14T11:16:53.480+05:30

Official Site of Checkpoint Checkpoint Forums Checkpoint Technical Assitance

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-36710128310399394492010-10-07T09:16:00.003+05:302010-10-07T09:17:41.515+05:30

Introduction Firewall technology ranges from packet filtering to application-layer proxies, to Stateful inspection; each technique gleaning the benefits from its predecessor. Stateful inspection works at the network layer and does not require a separate proxy for each application. This technology does not suffer from the same degradation in performance as application-level technology (proxies),

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-33742193076338442872010-10-07T09:10:00.000+05:302010-10-07T09:10:41.129+05:30

Troubleshooting License Upgrade License upgrade is a smooth and easy process. There are a few predictable cases where you may come across some problems. Use this section to solve those license upgrade problems.In This Section Error: “License version might be not compatible” SecureKnowledge solution sk30478 Symptoms • Error: Warning: Can't find .... in cp.macro. License version might be not

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-47429500864351260312010-10-07T09:01:00.000+05:302010-10-07T09:01:27.250+05:30

Purpose: This document provides the procedure to upgrade the existing cluster of Nortel Switched Firewall. The cluster of accelerated platform consists of 2 accelerators running in active-standby mode and 2 directors in active-active mode. Pre Requisites: 1. Backup of the configuration 2. Image CD of 4.1.3_R55 3. Minimum downtime of 3 Hours. Procedure: 1.Remove the standby accelerator (

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-42233480183252826642010-10-07T08:56:00.000+05:302010-10-07T08:56:02.462+05:30

How to identify the source of high CPU utilization on Nokia IPSO Nokia Solution: Symptoms This resolution will explain how to identify issues causing high CPU usage on an IPSO Platform. Please note that the traffic levels which any particular platform can pass, have been tested in the Nokia QA labs and these statistics are available on request from Sales. The amount of traffic vs CPU

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-23977750913407905752010-09-07T20:10:00.000+05:302010-09-07T20:10:18.732+05:30

When installed on a gateway,the FireWall-1 INSPECT Engine controls traffic passing between networks. The INSPECT Engine is dynamically loaded into the operating system kernel, between the Data Link and the Network layers (layers 2 and 3). Since the data link is the actual network interface card (NIC) and the network link is the fi rst layer of the protocol stack (for example, IP), FireWall-1 is

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-8764693547679713552010-09-07T20:05:00.001+05:302010-09-07T20:10:33.607+05:30

Check Point FireWall-1’s Stateful Inspection architecture utilizes a unique,patented INSPECT™ Engine which enforces the security policy on the gateway on which it resides. The INSPECT Engine looks at all communication layers and extracts only the relevant data, enabling highly effi cient operation, support for a large number of protocols and applications, and easy extensibility to new

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-25530975017369606482010-09-07T20:02:00.003+05:302010-09-07T20:11:13.695+05:30

Stateful Inspection, invented by Check Point Software Technologies, has emerged as the industry standard for enterprise-class network security solutions. Stateful Inspection is able to meet all the security requirements defi ned above while traditional fi rewall technologies, such as packet fi lters and application-layer gateways, each fall short in some areas. With Stateful Inspection, packets

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-29738175955062187422010-09-07T19:59:00.001+05:302010-09-07T20:12:04.650+05:30

For ensuring the highest level of security, a firewall must be capable of accessing, analyzing, and utilizing the following: • Communication information Information from all seven layers in the packet • Communication-derived state The state derived from previous communications. For example, the outgoing PORT command of an FTP session could be saved so that an incoming FTP data connection can be

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-30967234943520739492010-09-01T09:17:00.001+05:302010-09-01T09:17:13.961+05:30

Internet Protocol 17 tunnel_test_mapped tunnel testing for a module performing the tunnel test Internet Protocol 50 ESP IPSEC Encapsulating Security Payload Protocol Internet Protocol 51 AH IPSEC Authentication Header Protocol Internet Protocol 94 FW1_Encapsulation Check Point VPN-1

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-65770921512998788042010-09-01T09:16:00.000+05:302010-09-01T09:16:21.963+05:30

FWM  Enforcement Point, also SecuRemote Server GUI SmartConsole ICA Internal CA, mostly primary SmartCenter SCt SmartCenter PS Policy Server SAA Session Authentication Agent SIC Secure Internal Communication SR

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-45749518138676430602010-09-01T09:11:00.000+05:302010-09-01T09:11:45.636+05:30

Port No. Name in Service Manager Short description 256 /tcp FW1 Check Point VPN-1 & FireWall-1 Service - Get topology information from SCt or CMA to FWM - Full synchronisation for HA configuration 257 /tcp FW1_log Check Point VPN-1 & FireWall-1 Logs - Protocol used for delivering logs from FWM

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-41448743799522008772010-09-01T09:08:00.000+05:302010-09-01T09:08:27.913+05:30

Shortcuts new name since FP3 FWM  Firewall Module, Inspection Module, Enforcement Point, also SecuRemote Server   GUI Rulebase Editor, Graphical User Interface, Management Client, Policy Editor SmartDashboard, SmartConsole ICA Internal CA, mostly primary MM  

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-36541606907110939922010-09-01T09:03:00.000+05:302010-09-01T09:03:26.051+05:30

Port No. Name in Service Manager Short description 256 /tcp FW1 Check Point VPN-1 & FireWall-1 Service - Download of rulebase from MM to FWM (4.x) - Fetching rulebase from FWM to MM when starting (4.x) - Get topology information from MM or CMA to FWM (also for NG) - Full synchronisation for HA configuration (also

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-89045972318774594212010-08-18T20:58:00.003+05:302010-08-24T21:54:18.003+05:30

Lastes Information Security Updates

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-61689168534939916042010-08-18T20:31:00.000+05:302010-08-18T20:31:18.664+05:30

FirewallA[admin]# cpconfig This program will let you re-configure your Check Point products configuration. Configuration Options: ---------------------- (1) Licenses (2) SNMP Extension (3) PKCS#11 Token (4) Random Pool (5) Secure Internal Communication (6) Enable Check Point High Availability/State Synchronization (7) Automatic start of Check Point Products (8) Exit Enter your choice (1-8) :5

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-76412457247973708762010-08-18T20:20:00.002+05:302010-08-18T20:21:14.224+05:30

1. Use the latest version of the OS software available for your particular firewall. Install the latest patches and if possible/applicable, the latest software version available. 2. Use a stealth Rule at the top of the rule base. What is a stealth rule? A stealth rule is a rule which disallows any communication to the firewall itself from unauthorized networks/hosts. It is a rule to protect the

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-91923240289281198982010-08-18T20:15:00.001+05:302010-08-18T20:15:42.840+05:30

Penetration Testing NO TOOL PURPOSE PLATFORM 1. Nmap Port scanner Windows and Linux 2. Nessus Vulnerability Scanner Windows and Linux 3. Xprobe Operating System detection Linux 4. Ethereal Packet Sniffer Windows and Linux 5. J2SDK and JRE Java framework needed for many tools to run Windows and Linux 6. Citrix client Client used to connect to Citrix instance if running Windows 7. MySQL client

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-8761940372945647072010-08-18T20:14:00.001+05:302010-08-18T20:14:04.123+05:30

Purpose: This document provides the procedure to upgrade the existing cluster of Nortel Switched Firewall. The cluster of accelerated platform consists of 2 accelerators running in active-standby mode and 2 directors in active-active mode. Pre Requisites: 1. Backup of the configuration 2. Image CD of 4.1.3_R55 3. Minimum downtime of 3 Hours. Procedure: 1. Remove the standby accelerator (

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-45761481720251475452010-08-18T20:12:00.003+05:302010-08-18T20:13:09.389+05:30

Upgrading the Image of the Contivity VPN Router: 1. Acquire the image v5_05.241 (128 bit) in the optimized format (.tar extension). 2. Connect your laptop or PC to Contivity via a cross cable to contivity’s private LAN interface. 3. Make sure that your Laptop’s or PC’s IP address is in the same range as that of Contivity’s Management IP address. 4. Then open the Internet Explorer (Version 6)

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-36994650757880541352010-08-18T20:10:00.001+05:302010-08-18T20:10:55.238+05:30

DNSMap - DNS Subdomain Brute-force Tool • Dnsgrep - DNS Enumeration Tool • txdns - Aggressive Multithreaded DNS digger/brute-forcer • Mscan 1.0 • FoFuS - PoC bot using DNS cover channel • spoofer2.pl.txt • dnsstat • Tools to manage DNS • DNSSEC Software, DNSSEC Tools, DNSSEC Utilities DNS Dump https://www.astalavista.net/member/index.php?cmd=forum&act=topic_show&tid=16477 Koders http://

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com1tag:blogger.com,1999:blog-2292527991464961979.post-77457728256640276102010-05-30T00:53:00.000+05:302010-05-30T00:53:56.889+05:30

Hi Friends , Here i am publishing the networking questions which are asked by interviewer for Core security peoples . 1)How much you are rating your self in networking out of 10.? 2)Which models of Routers and Switches you handled ? 3)What is RIP , EIGRP , OSPF ? 4)What is Static and Dynamic routing ? 5)Why we create vlans? 6)How you troubleshoot the vlan problem ? 8)How you make it up down

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-32070126973138861112010-05-29T23:53:00.002+05:302010-05-30T15:47:27.875+05:30

As per my experience i am trying to share CP interview question - Before going to start i suggest you that never try to make fool to your interviewer. 1)From which was the first version of Checkpoint you worked? 2)What is the difference between CP NG and CP NGX? 3)In how many mode we can install the checkpoint? 4)What is architecture of Checkpoint? 5)What is SIC ? 6)What is NAT and how many

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-90593858502008670912010-05-22T11:22:00.002+05:302010-05-24T17:31:37.695+05:30

You can make career with Network and Information security for those career map is like this -- For Freshers - : 1) Anyone who have completed graduation (B.Sc/B.Com/B.A) or B.Tech/B.E etc. 2) Basic Networking course like (CCNA). 3) Start career with Network or System engineer. For Experience - : After having three years of experience you have to choose one specific work area either network or

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-48803394784599202032010-05-22T11:05:00.002+05:302010-05-22T11:05:37.716+05:30

The implementation of programs and practices that protect the integrity and safety of computer programs and information of individuals or an for organization.

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0tag:blogger.com,1999:blog-2292527991464961979.post-3142346234775524432010-05-22T11:03:00.000+05:302010-05-22T11:03:10.141+05:30

Kind of technology where we learn how to protect networks and their services from unauthorized modification, destruction, or disclosure, and provision of assurance that the network performs its critical functions correctly and there are no harmful side-effects. Network security includes providing for data integrity.

shridharhttp://www.blogger.com/profile/10205971394164283066noreply@blogger.com0