Oliver Fink

Oliver Fink is working as a senior consultant for IT security in Kiel, Germany. (Twitter | LinkedIn | Xing | eMail)

Apr 262016

Check Points’ blog explains how the Nuclear Exploit Kit works.

Apr 252016

Brand new book for project managers concerning IT security:

Dec 272015

Canon and Mac OS – that will really suck. So does the printer driver for the photo printer SELPHY CP910. Of course, there is no printer driver for Mac OS 10.11 (El Capitan). And the installer for Mac OS 10.10 (Yosemite) fails. So, what could you do?

Using pgkutil you can circumvent the needless check for the Mac OS version. First you have to write the installation package to a directory:
$ pkgutil --expand SELPHY\ CP\ series\ Printer\ driver_6.5.0.0.pkg /var/tmp/work

Then change to this directory and edit the Distribution file:
$ cd /var/tmp/work
$ vi Distribution

Insert the bold marked line into the function installationCheck:
function installationCheck() {
    return true;
     if ( (system.compareVersions( system.version.ProductVersion, '10.10' ) == -1) || (system.compareVersions( system.version.ProductVersion, '10.11' ) != -1) ){

Step one directory upwards and create a new package:
$ cd ..
$ pkgutil --flatten work Canon_SELPHY_10.11.pkg

Now you can install the package Canon_SELPHY_10.11.pkg. Nothing, a customer caring company could not have done by now.

Jul 252014

Mattermark lists the companies the Central Intelligence Agency (CIA) is invested in through its investment firm In-Q-Tel. Is the CIA trying to promote IT security or even more to get back doors to other networks. Who knows? I find these companies remarkable, In-Q-Tel invested in:

  • Cloudera
  • FireEye

One more interesting company is listed in the portfolio at the In-Q-tel website:

  • mongoDB

What are your conclusions?

Jun 242014

Anyone else annoyed with the speed of 115200 bps for the serial port on Check Point’s 1100 appliances? I am, because our terminal servers connect with 9600 bps. But this can be changed. Even if supportcenter.checkpoint.com does not offer any hint, the solution is quite simple:

  1. Get a connection to the appliance with 115200.
  2. Change to expert mode.
  3. Issue “fw_setenv baudrate 9600” there.
  4. Reboot.
  5. Connect with 9600.
  6. Enjoy.

To verify which baudrate you are using, issue “fw_printenv baudrate“.

Feb 062014

Check Point training, quote of the day:

If I have ever said something good about SmartUpgrade, then I quite simply lied.

(German: “Wenn ich jemals etwas Gutes über SmartUpgrade gesagt habe, dann habe ich schlicht und ergreifend gelogen.”)

Reason: sk44123

Jan 232014

This was my attendee’s card for the SunNetwork conference 2003 in Berlin. 20140117-081829.jpg It had been used for years as my access card to our Sun Ray Servers and is still in my wallet. Nearly loved to death.

Jan 202014

The QRadar Insights blog describes and compares three different methods to collect Logs from Windows desktops. Worth reading.

Jan 162014

Yesterday Check Point released their software package R77.10. This opens the first opportunity to upgrade from R75.47 to a higher Version. What is new in R77.10? Continue reading »

Jan 152014

Federal and State laws, as well as industry regulations, are major drivers in the security industry, and none are probably more far-reaching and controversial than the Payment Card Industry Data Security Standard (PCI DSS). Here, Fortinet provides an overview of PCI DSS and what you need to know about this regulation.

(via: @Fortinet)