Important Links

Farzand Ali1 Comment

Palo Alto ACE/PCNSE
Cisco CCNA/CCNP/CCIE Security
Cisco CCNA/CCNP/CCIE RnS
Checkpoint CCSA/CCSE
Juniper SRX
Cisco Meraki and Aruba APs
VmWare
CompTIA Linux+/LPIC1
CompTIA Network+/Security+
ITIL
Microsoft MCSA

Useful Tools

Security Advisories:

US-CERT: https://www.us-cert.gov/ncas/current-activity

Palo Alto: https://securityadvisories.paloaltonetworks.com
Checkpoint: https://www.checkpoint.com/advisories/

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsecurityalerts=#severity=&type=Security+Alerts&product=&version=
Cisco: https://tools.cisco.com/security/center/publicationListing.x
Meraki: https://meraki.cisco.com/blog/cisco-meraki-customer-advisories/
Juniper: https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES

EoL links:
Cisco:
https://www.cisco.com/c/en/us/products/security/asa-5500-series-next-generation-firewalls/eos-eol-notice-listing.html
https://www.curvature.com/resources/cisco-end-of-life-guide
Palo Alto:
https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-summary
Meraki:
https://documentation.meraki.com/zGeneral_Administration/Other_Topics/Product_End-of-Life_(EOL)_Policies
Checkpoint:
https://www.checkpoint.com/support-services/support-life-cycle-policy/

CVE (Common Vulnerabilities and Exposures) and CVSS (Common Vulnerability Scoring System):
https://www.cvedetails.com/cvss-score-distribution.php
https://nvd.nist.gov/vuln-metrics/cvss
https://cve.mitre.org/

Important Organizations:
United States Computer Emergency Readiness Team (US-CERT)
National Cybersecurity and Communications Integration Center (NCCIC)
Cybersecurity and Infrastructure Security Agency (CISA)
National Institute of Standards and Technology (NIST)
National Cyber Security Centre (NCSC)
Government Communications Headquarters (GCHQ)
(CREST)

Checkpoint Evaluation License steps (cplic)

Farzand AliLeave a comment

https://help.checkpoint.com/s/
Learn>Product Evaluation>All-in-One-Evaluation
Download the license file

cplic put -l LICENSEFILE.lic
cplic print -x (to get the hash and del old ones)
cplic del KEY_HASH (remove all the old ones)
cplic print -t (to check whether central or local)
cpstop
cpstart

upload the license file on Smart Update as well and attach. Dettach all the old ones.

How to import multiple objects into R80.x Management database using .csv file and then add them to a group

Farzand AliLeave a comment

How to import multiple objects into R80.x Management database using .csv file and then add them to a group:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk113078
https://community.checkpoint.com/t5/General-Management-Topics/Format-of-csv-file-to-add-object-in-group/td-p/8987

.csv files needs to be where you will be running the commands from:

Create the .csv file:

#cat networks.csv

name,subnet,subnet-mask
network1,10.10.10.0,255.255.255.0
network2,20.20.20.0,255.255.255.0
network3,30.30.30.0,255.255.255.0

Note: using underscore character in .csv file (for example, “network1_1”) can cause errors. Use the hyphen instead.

Run the API command:
#mgmt_cli add network –batch networks.csv

Then to add the objects to the right group use:

mgmt_cli set group –batch group-members_full_csv.csv

The CSV should have the following header row:

name,members.add

The name field is for the group and the members.add field will be the host object to add to the group.

The rest of the body of the CSV would then be filled in as you wish:

group1,host1

group1,host2

group1,host3

group2,host1

group2,host2

group2,host3

Steps: Adding HA devices to Panorama

Farzand AliLeave a comment

1. Enable Config Sync (untick on both)(commit).
2. Specify Panorama Server on HA Firewalls and Enable Policy, Objects and Templates options (commit).
3. Add Firewalls as Manages devices in Panorama using serial numbers (Tick Group HA Peers) (commit Panorama).
4. Import Device configuration to Panorama (Post Rule/Leave ticked) (Primary)
5. Import Device configuration to Panorama (Post Rule/Leave ticked) (Secondary)
6. Commit (Panorama) (Creates Device Groups and Templates for both).
7. Remove Secondary Template and Device Group and Add both to the Primary Device Group and Template.
8. Export Configuration (Push and commit) Device Group config to Secondary only and Make the Primary suspended for Secondary to takeover.
9. Export Configuration (Push and commit) Device Group config to Primary now and Failback to the Primary.
(Both Should be showing In Sync under Managed Devices under Device Group and Templates)

Why Conduct Pen Test?

Farzand AliLeave a comment

Why conduct a penetration test?

An organisation should carry out a penetration test:

When penetration testing is conducted within the UK, there are a number of laws that govern the activities that form part of a penetration test.

For the majority of tests, these laws include the following:

In order to ensure that penetration testing is conducted in line with UK law and also to ensure that the test is conducted as efficiently as possible, a testing consent form must always be used to capture the exact scope of the test and provides those responsible for an organisation’s infrastructure with a means of providing their consent.

Upload ASA software image without ASDM (CLI)(Using SCP)

Farzand AliLeave a comment

(use pscp for windows)
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

ASA:

ssh scopy enable

PC:
pscp C:\Users\fali\Desktop\asa964-17-lfbff-k8.SPA Nettitude@196.29.167.170:disk0:asa964-17-lfbff-k8.SPA

(use pscp -1 …… for version 1)

ASA: 

no boot system disk0:/asa952-6-lfbff-k8.SPA
boot system disk0:/asa964-17-lfbff-k8.SPA
boot system disk0:/asa952-6-lfbff-k8.SPA
wr mem
reload in 8:00