Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Checkpoint Firewall Configuration

from [Hall, Spencer D] Network Security [Permanent Link]
Subject: RE: Checkpoint Firewall Configuration
Date: Tue, 29 Jan 2008 14:38:22 -0500 
If you have configured the firewall correctly you can report out of the Audit 
log which tracks administrative changes made to the configuration through the 
GUI.  It will not check for changes made using cpconfig.

Spencer D. Hall
Sr. Technology Engineer/ISO
Ascension Health - Southeast 
St. Vincent's - Jacksonville
Office:  904-308-7029
Fax:  904-384-2036
Cell:  904-477-4660

ï Think before you print

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On 
Behalf Of Andrea Gatta
Sent: Tuesday, January 29, 2008 11:40 AM
To: Hall, Spencer D; global.infosec@gmail.com
Cc: security-basics@securityfocus.com
Subject: Re: Checkpoint Firewall Configuration

Hi,
I guess that there are at least two ways to do that:

- use the database revision control from the GUI. Bear in mind that
this need to be maintained. Then you can simply work out main
difference between one revision
 and another

- use a script or anyway a batch procedure to check all the relevant
files under $FWDIR/conf just to start. Here are stored all the
critical files starting from global
 objects, users databases ad firewall policies. I'm quite sure there
are some tools out in the wild that can help you out on this.

Take into account that, depending on the way you deployed the firewall
architecture(stand alone or distributed), you might need to make same
checks on both management and firewall node side

Cheers,
Andrea


On 29 Jan 2008 06:04:25 -0000,  <global.infosec@gmail.com> wrote:

We are in the process of auditing our Checkpoint confifuration. We need to 
capture the configuration details of the Firewall. The objective is to 
identify if any changes have occured to the configuration at any point of 
time.


How do we capture the firewall configuration for Audit purpose?


Thanks.



CONFIDENTIALITY NOTICE: This email message and any accompanying data or files 
is confidential and may contain privileged information intended only for the 
named recipient(s). If you are not the intended recipient(s), you are hereby 
notified that the dissemination, distribution, and or copying of this message 
is strictly prohibited. If you receive this message in error, or are not the 
named recipient(s), please notify the sender at the email address above, delete 
this email from your computer, and destroy any copies in any form immediately.  
Receipt by anyone other than the named recipient(s) is not a waiver of any 
attorney-client, work product, or other applicable privilege.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  How to Configure Nessus3 to use WWW-Authenticate: NTLM credentials, spammailme
Next by Date:  Re: Checkpoint Firewall Configuration, Jason Thompson
Previous by Thread:  Re: Checkpoint Firewall Configuration, Andrea Gatta
Next by Thread:  Re: Checkpoint Firewall Configuration, Jason Thompson
Indexes:  [Date] [Thread] [Top] [All Lists]