Oliver Fink

Oliver Fink is working as a senior consultant for IT security in Kiel, Germany. (Twitter | LinkedIn | Xing | eMail)

Mar 142017
 

The first one from my list of docks for MacBook Pro 2016 is available now (Amazon Germany Link). It is the CalDigit TS3 Lite Thunderbolt 3. Pain point for me is that it is missing the functionality of charging the MacBook with 85 W. So I will be waiting. But its release will put higher pressure on the manufacturers of the docks I take into consideration for a release date in the near future.

Mar 112017
 

Last month my old MacBook Pro 15″ 2011 was replaced by a brand new MacBook Pro 2016. Here I will list pros and cons and why I am really waiting for a docking station. In summary, I am very happy with my new working device, but Apple could have avoided some annoyances. Continue reading »

Feb 282017
 

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I am continuing and extending the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commands
cat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt

and sent the file lachmann.txt with the appliance type as subject to lachmannlist@fink.sh. I will try to update the list by time.

Updates:

  • CPU and Memory for 1450 & 1470 (Thanks to Florian Hildinger)

Continue reading »

Feb 212017
 

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I am continuing and extending the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commands
cat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt

and sent the file lachmann.txt with the appliance type as subject to lachmannlist@fink.sh. I will try to update the list by time.

Updates:

  • CPU and Memory for 1430 (Thanks to Florian Hildinger)

Continue reading »

Feb 102017
 

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I am continuing and extending the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commands
cat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt

and sent the file lachmann.txt with the appliance type as subject to lachmannlist@fink.sh. I will try to update the list by time.

Updates:

  • New appliance 3100
  • New appliance 5100
  • New appliance 5900
  • Maxmimum memory for 5400
  • Maxmimum memory for 5600
  • Maxmimum memory for 5800
  • Maxmimum memory for 15400
  • Maxmimum memory for 15600
  • Maxmimum memory for 23500
  • Maxmimum memory for 23800

Continue reading »

Feb 092017
 

I am on my journey back from the Barcelona Sales Kick-Off of Check Point. We were presented the new appliances and while sitting at the airport I realize that they are already on the website. These are the new appliances: 3100, 5100 and 5900. The 5900 is really exciting with up to 32 GB RAM and dual hot-swap HDD or SSD. This system seem to fit perfectly between 5800 and 15400.

VSX R77.30 is quite a good implementation with some annoying flaws – but really worth using it. The now announced features for VSX in R80.10 and beyond will make it even a by far more mature OS. I am really looking forward to the first implementations. Stay tuned.

Jan 232017
 

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I am continuing and extending the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commands
cat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt

and sent the file lachmann.txt with the appliance type as subject to lachmannlist@fink.sh. I will try to update the list by time.

Updates:

  • CPU & Memory 1490 (Thanks to Christoph Murth)

Continue reading »

Jan 212017
 

Have you ever been frustrated that simple scripting is a problem when doing things on your Check Point firewall? There is a reason why compilers and scripting tools are very limited on such devices. The less options a potential attacker finds to do harm with the better.

As far as I remember from different trainings Check Point uses a GCC compiler to build the policies. But this compiler is said to be stripped down to a large extent.

And there exists Python within GAiA. I would not suggest to use this Python on a gateway, but on a management server it could be very useful.

This is how you start python:

[Expert@cp2205:0]# $FWDIR/Python/bin/python
Python 2.7.3 (default, Jun 27 2012, 14:41:05)
[GCC 3.2.3 20030502 (Red Hat Linux 3.2.3-20)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
Python usage is limited in Check Point security gateway

The last line is true. We will see it in a few moments. Let’s try with a simple script: Continue reading »

Dec 302016
 

I migrated this server from a physical host at my company to Digital Ocean, Frankfurt/Main. Using this opportunity I added HTTPS with certificates from Let’s Encrypt and forwarded requests for port 80 to port 443.

If you encounter any problems feel free to comment. I will try to apply fixes as soon as possible.

Dec 082016
 

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I will try to continue and extend the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commands
cat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt

and sent the file lachmann.txt with the appliance type as subject to lachmannlist@fink.sh. I will try to update the list by time.

Updates:

  • CPU 5400 (Thanks to Anonymous)
  • 16 GB memory option for 5200 (Thanks to Florian Hiildinger)

Continue reading »