Search:

ModSecurity can be rather aggressive and hard to tune properly. I'll see what I can find.

I've changed the title of this thread as you've requested.
Can you tell me more about the problem you're seeing, like which browser, what's your screen resolution, etc.? I'm not seeing this nor have...

While inside a specific forum you should see at the top of the page a blue action button that says "+ Post New Thread". Is that not present?

I think it was in this thread that someone's quoting (quoting a previous post in one's reply) was messed up because someone had accidentally deleted part of the "QUOTE" tag; I saw it and jumped in...

Found it:

Access denied with code 403 (phase 2). Pattern match "(?:\\[ ?(url|link) ?= ?\"? ?https?://.*\\[ ?(url|link) ?= ?\"? ?https?://.*\\[ ?(url|link) ?= ?\"? ?https?://.*\\[ ?(url|link) ?=...

I just did some research on this. It appears that mod_security (a type of Layer 7 HTTP firewall) is blocking this and not being very graceful about it.

Could you please e-mail me exactly what you...

Here's a useful list: http://www.okean.com/thegoods.html

Here's another: http://www.wizcrafts.net/chinese-iptables-blocklist.html

You could probably use ofiller/odumper to create the objects,...

You're right about this, except now you have to worry about keeping those local Linux accounts and their passwords synchronized across every Security Gateway. At least with the other way there was...

I think it's been like that forever. It always struck me as being insecure, also. I suspect there's a marketing reason behind it, like if you want better security you'll have to buy an additional...

I have some more information about this opportunity:

1. The work location is in Omaha, Nebraska
2. The hourly rate is up to $80/hour
3. The contract is for 12+ months

Feel free to contact...

Recruiter Peter Roos sends the following message:

Our Client requires IT Project support to assist with two critical network security infrastructure upgrades. The customer will be replacing...

I seem to remember reading somewhere that each connection needs about 1K of RAM in the connections table (if I'm wrong on this, somebody please tell me), so for most platforms increasing the size of...

http://filippo.io/Heartbleed/#cpug.org

The original post in this thread had a spammy link to a commercial site that sells routers and switches. I think we've been duped by a spammer. I've removed that link.

That's it. torontosecurity you're getting a temporary ban until you respond to my communications...

Please check your private messages...

No, this new public IP address would really just be a public /32 network that they would forward to your gateway. They wouldn't actually put it on an interface anywhere. You would put it on the...

You wouldn't actually bind this new single public IP address to the external NIC on your Security Gateway. You'd just have your ISP forward all packets destined to this new public IP address to this...

You're much more likely to get a helpful response if you actually ask a question at the end of your post...

Who do you mean by "we"? Check Point? Your company?

Please go easy on the spamminess. I've sent you a private message.

The signal-to-noise ratio here is very high; if you're just spewing...

Here's another suggestion:

Ask your ISP for an additional single public IP address. Have them forward traffic destined for this new public IP address to the public IP address on the outside of...

Hmmmm... burger.

There are places for pioneers: alpha testing, beta testing and the Early Availability Program. People in these programs have been informed that the code they receive is provisional, is expected to...

All better now. We're using an "Extended Validation" certificate (the kind that gives you the green bar in your browser's address bar), and there was a glitch in renewing this.

Carry on, in most...

Is that information going to be part of the new CCRE (Check Point Certified Release Engineer) exam?

Well, I thought this was taken care of, but apparently it's not. I'm working on it. I suspect it may take a day or two.

I think retroactively inserting slipstreamed fixes into already-released versions is a really bad idea.

It seems Check Point has two goals here:

1. Release versions as soon as possible to meet...

Thanks for a detailed and helpful response, ShadowPeak.com.

Hello Everyone,

Here is a post from James Fallows on his blog at The Atlantic:

No Man Is a (Comments-Free) Island ... - James Fallows - The Atlantic

We should be proud of ourselves that his...

Now that there are two different versions of the .iso images for both R75.47 and R77, does anybody know if these updates have different version numbers, or how to tell them apart? Should we call...

Hello,

I'm running VMware ESXi 5.1 and I'm trying to install GAiA 75.46 or 75.47 in a VM. I've uploaded the ISO's into the datastore and before booting I've changed the BIOS to boot from the...

Hello Everyone,

It's that time of year again!. Please join us at CPUG CON 2013 SeptemberFest in Munich on September 9th-12th!

This will be our 6th annual conference for Check Point firewall...

Now it's sticky and I've renamed the forum. Let me know what else I can do to help.

Excellent! Let me know if you need anything special here on the discussion board.

Firewall tech pioneer Gil Shwed: Former teen sysadmin on today's infosec biz ? The Register

Welcome to CPUG!

Your English is fine; please jump in an participate!

With kind regards,

Barry

I'm looking into this. It sounds like one of the protections we use to prevent SQL injection attacks...

Barry

mcnallym, you're awesome. Thanks for your really good posts lately.

(moved thread to new SmartLog forum)

(fixed the thread title)

Hello European CPUG Members!

We'll be holding a special edition of our Course 101: “Hands-On Check Point Firewall Administration” in Luxembourg the week of March 18th, 2013. For those of you who...

Welcome to CPUG!

Please jump in an participate.

With kind regards from San Francisco,

Barry

It's likely we'll be holding CPUG CON in Munich this year in September. We're working on finalizing the dates.

Updates coming soon!

Barry

I don' think this is the correct forum to ask for that sort of information.

Hello Everybody!

Happy New Year from San Francisco!

We've just completed some minor upgrades:



Update kernel to Linux 2.6.18-308.16.1.el5 #1 SMP Tue Oct 2 22:01:43 EDT 2012 x86_64 x86_64...

Hello and Welcome to CPUG!

Please jump in and participate!

With kind regards,

Barry

Yes:

username: admin
password: admin

Hello Spawn,

Welcome to CPUG! Please jump in and participate. Our goal is for this discussion board to be incredibly useful, fast and free.

With kind regards,

Barry

Thanks for helping a newbie with a useful, detailed answer.

Hello dvanr and Welcome to CPUG!

Please jump in and participate. The discussion board is really useful, fast, and free.

With kind regards,

Barry

Hello and Welcome to CPUG!

We're glad to have you; please jump in and participate. Hello to Spain!

Barry

We're offering a special week-long Course 101: “Hands-On Check Point Firewall Administration course in Boston the week of December 10th, 2012.

Read about CPUG University.

Please contact me for...

This is useful. Thanks for doing this.

Barry

If we turn it right side up, will it work here in North America?

Please, no spam in your signature block. [spam removed]

Welcome to CPUG!

Barry

Thanks for figuring this out. I wasted an hour and a half this week trying to figure out what I'd done wrong. I even reinstalled the Security Gateway to try to fix this problem. Grrr.

Hello Jeff!

Thanks for being a good student this week!

Welcome to CPUG; please jump in and participate. You've got a nice little town there, in State College. People are friendly and polite...

Must resist... Trying... ...so... ...hard... ...to... ...not... ...reply... ...with... "why the fuck would you want to do that?". Must resist. Must resist.

Must resist...

[bites finger]

What do you mean by "photocopy books"? Are these just photocopies of the original Check Point books? If so, this sounds like a trademark violation and you shouldn't try to sell them here. If not,...

Hello and Welcome to CPUG!

I hope you were one of the attendees at our conference this year (Check Point Conference).

Please jump in and participate here!

Barry

Hello to Northern Germany from CPUG. Please jump in and participate.

Will you be attending our conference starting a week from tomorrow in Switzerland?

Check Point Conference

With kind...

Welcome to CPUG. We're glad to have you. Please jump in and participate.

Barry

A big welcome from CPUG to the Land of the Vikings! Please jump in and participate!

Barry

Thanks for a detailed, useful response, Shadowpeak.

Hello! We're glad to have you. Please jump in and participate.

Barry

I'm the board administrator. Can you tell me more about these searches and what you're getting/not getting? I'll see if there's something going on here.

Also, Google is a very good index of what...

Anybody at Check Point want to explain what's going on?

Management HA is not a very sophisticated product. It appears that development work on it stopped at least ten years ago.

80.255.143.119
Moscow, Russia
http://www.geobytes.com/IpLocator.htm?GetLocation&IpAddress=80.255.143.119
143-119.ranetka.ru


80.239.141.119
London, England...

Hello and Welcome to CPUG!

Please jump in an participate!

Barry

I don't know how to translate this...

Just out of curiosity: Why would someone lease them from you for only eight months? Or maybe they intended for longer but then dropped the project or went out of business? As a business owner who...

There is a top-level forum here where you can post your for-sale or for-lease announcement. I think some of our members might be interested. We welcome these sorts of ads/announcements.

Hello and Welcome to CPUG!

Please jump in and participate; we're glad to have you.

Barry

(new GAiA forum just created and this thread moved to it)

What was the problem with that character? You could no longer use it in a password?

We're glad to have you. Welcome to CPUG.

Please jump in and participate!

Barry

Welcome to CPUG! We're glad to have you. Please jump in and participate.

Barry

It's working fine for me right now on my Android phone.

(sent by Forum Runner from my Samsung Galaxy Note)

We've updated the Tapatalk plug-in to the current version (3.9.4).

Please let us know if there are any problems.

With kind regards from San Francisco,

Barry

If you've had trouble making a complex post lately, please try again. We've been tuning out protections against SQL Injection attacks and I see we've had at least one false positive. It should be...

We've made some upgrades and Forum Runner is now working properly, even with https.

Yay for us!

Barry

After rising for weeks, their stock price was at $64.77 on Monday. Since the outage, it's been falling steadily and closed today at $63.07, down 2.6% since Monday, representing a $340,000,000 loss...

Ouch! (This is what it looked like on Monday)

http://regmedia.co.uk/2012/04/02/checkpoint.jpg

Maybe it's part of a new marketing campaign: "Check Point: We take Internet security so seriously we're not even on the Internet"

Has Check Point said anything about what happened yet?

First weak SSL, and now this. I don't know how they stay in business.

Thanks for posting the solution.

Check Point does well.

Here's the link: Magic Quadrant for Enterprise Network Firewalls

Here it is saved as an XPS file: ...

Welcome to CPUG! Please jump in and participate.

Hello Everybody,

We're testing some improvements on the web server. It shouldn't cause any problems, but please let me know if something isn't working properly.

With kind regards from San...

Hello,

Can you try the fix discussed in this thread:

Failed to connect to forum. | Tapatalk Support

Does that fix it?

(I'm still searching for solutions)

Hello jacobsen,

I just did quite a bit of searching around and it appears there is no separate plugin for TapatalkHD, that there's only one thing to install and it's installed properly on our...

Hello Bangalore! Welcome to CPUG. Please jump in and participate.

I don't know if this is relevant or not, but I'll mention it: In the Policies => Global Properties dialogue box, there's a setting that manages an implied rule that allows RIP. Could that have...

If I remember correctly, at least in previous versions, to enable the Web Intelligence protections, you had to go to the host/node object representing your web server and check the box for Web...

Now you can!

I hope this is something they can do.

Sent from my SAMSUNG-SGH-I717 using Tapatalk

I was finally able to go to their website and change the protocol to HTTPS. Please let me know if there are any problems.

Sent from my SAMSUNG-SGH-I717 using Tapatalk

Maybe in the future we'll (be able to) / (be required to) compile our own patches?

Hello Everyone,

It seems we've worked out most of the problems with implementing HTTPS. Thanks for all your help with troubleshooting.

Here's a current discussion on Reddit discuss the...