Fix for Checkpoint VPN tunneling Option being grayed out on Check Point Endpoint Security Client

I noticed that my Windows VPN client on my computer was forcing all traffic through the gateway of my VPN endpoint. In most cases that would be fine; however, this limited my ability to access local network resources in addition to browsing the internet via my local internet provider (split tunneling).

What I soon noticed was that I could not remove the setting that encrypted all traffic, routing it to the gateway.

To make these changes to the client, the following needs to be done.

Step 1: Modify the configuration so that trac.config can be edited, as it is obscured for security purposes.

  1. Exit the Check Point Endpoint Security Client
  2. Stop the “Check Point Endpoint Security” service
  3. Edit c:\program files (x86)\checkpoint\endpoint connect\trac.defaults

Change the top line from:

OBSCURE_FILE INT 1 GLOBAL 0

to

OBSCURE_FILE INT 0 GLOBAL 0

Step 2:

  1. Start the “Check Point Endpoint Security” service
  2. Start the Check Point Endpoint Security client
  3. Verify that the c:\program files (x86)\checkpoint\endpoint connect\trac.config file is de-obscured.
  4. Shut down the Check Point Endpoint Security Client
  5. Stop the “Check Point Endpoint Security” service
  6. Edit c:\program files (x86)\checkpoint\endpoint connect\trac.config

Search and edit the following line:

From: <PARAM neo_route_all_traffic_through_gateway="false"></PARAM>

To: <PARAM neo_route_all_traffic_through_gateway="true"></PARAM>

Step 3:

  1. Delete c:\program files (x86)\checkpoint\endpoint connect\trac.config.bak
  2. Start the “Check Point Endpoint Security” service
  3. Start the Check Point Endpoint Security Client
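
An added example (not from the original post or from Check Point): a Python check an administrator could run to detect whether a client's files have drifted from the provisioned state after edits like those above. The file names, install path and line formats come from the post; the function names, the baseline argument and the sample strings are assumptions constructed for illustration.

```python
import re
from pathlib import Path

# Install directory as written in the post.
INSTALL_DIR = Path(r"c:\program files (x86)\checkpoint\endpoint connect")

# The two line formats shown in the post.
OBSCURE_RE = re.compile(r"^\s*OBSCURE_FILE\s+INT\s+(\d+)\s+GLOBAL\s+\d+\s*$", re.M)
ROUTE_RE = re.compile(
    r'<PARAM\s+neo_route_all_traffic_through_gateway\s*=\s*"([^"]*)"', re.I)

# Constructed sample inputs (not captured from a real client).
SAMPLE_DEFAULTS = "OBSCURE_FILE INT 0 GLOBAL 0\n"
SAMPLE_CONFIG = '<PARAM neo_route_all_traffic_through_gateway="false"></PARAM>\n'

def audit(defaults_text, config_text, baseline_route_all):
    """Return drift findings; an empty list means none were detected.
    baseline_route_all ("true" or "false") is whatever the organisation
    provisions; the script compares against it and does not choose it.
    """
    findings = []
    obscure = OBSCURE_RE.search(defaults_text)
    if obscure is None:
        findings.append("trac.defaults: OBSCURE_FILE line not found")
    elif obscure.group(1) != "1":
        findings.append("trac.defaults: OBSCURE_FILE is not 1")

    route = ROUTE_RE.search(config_text)
    if route is not None:
        # Assumption: the parameter is only matchable as plain text once
        # trac.config has been de-obscured.
        findings.append("trac.config: stored de-obscured")
        value = route.group(1).strip().lower()
        if value != baseline_route_all.strip().lower():
            findings.append(f"trac.config: route-all is {value}, baseline differs")
    return findings

def audit_install(baseline_route_all, install_dir=INSTALL_DIR):
    """Read both files from an endpoint and audit them."""
    texts = {}
    for name in ("trac.defaults", "trac.config"):
        try:
            texts[name] = (Path(install_dir) / name).read_text(errors="replace")
        except OSError:
            texts[name] = ""  # unreadable file: audited as empty text
    return audit(texts["trac.defaults"], texts["trac.config"], baseline_route_all)

# Findings for the constructed samples against a baseline of "true".
SAMPLE_FINDINGS = audit(SAMPLE_DEFAULTS, SAMPLE_CONFIG, "true")
```

On an endpoint, `audit_install("true")` (or `"false"`, matching the provisioned policy) reads the two files from the install directory and returns the same kind of list.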

Notes: Pros and Cons of Split VPN you should know about

Pros

If you are going to split tunnel, then you are going to reduce the overall bandwidth impact on your Internet circuit. Only the traffic that needs to come over the VPN will, so anything a user is doing that is not “work related” will not consume bandwidth. In addition, anything external to your network that is also latency sensitive will not suffer from the additional latency introduced by tunneling everything over the VPN to the corporate network. Users will get the best experience in terms of network performance, and the company will consume the least bandwidth.

Cons

If security is supposed to monitor all network traffic, and protect users from malware and other Internet threats by filtering traffic, users who are split tunneling will not get this protection and security will be unable to monitor traffic for threats or inappropriate activity. Traffic to websites that use HTTPS will still be protected, but other traffic will be vulnerable.

Ref: https://www.cpug.org/forums/archive/index.php/t-14545.html

The PiDrive Foundation Edition Makes Installing Multiple Operating Systems on Your Pi Easy

Priced at right around what you’d pay for any other hard drive and SD card, at $28.99 for 250GB and $37.49 for 375GB.

The PiDrive Foundation Edition is essentially a hard drive that also comes with an SD card installer that lets you install and boot from multiple operating systems.
Source: Lifehacker

FAA tests antidrone tech at Denver International Airport – CNET

Pretty glad the FAA is looking into this.

As a person who flies periodically I’m comforted to know that somebody’s investigating this and possibly putting it to an end.

https://www.cnet.com/news/faa-federal-aviation-adminstration-drones-airports-safety/#ftag=CAD590a51e

We Are America ft. John Cena | Love Has No Labels | Ad Council

Well said…

To love America is to love all Americans. John Cena takes a break between dropping body slams to drop some truth – that patriotism is more than pride of country, it’s love beyond labels.

While the vast majority of Americans consider themselves unprejudiced, many of us unintentionally make snap judgments about people based on what we see – whether it’s race, age, gender, religion, sexuality, or disability. The Love Has No Labels campaign challenges us to open our eyes to our implicit, or unconscious, bias and work to stop it in ourselves, our families, our friends, and our colleagues. Rethink your bias at www.lovehasnolabels.com.

Share your support for love and inclusion by creating your own #WeAreAmerica gif at www.lovehasnolabels.com

Microsoft and Code.org announce free Minecraft Hour of Code tutorial for Computer Science Education Week, Dec. 5–11 | News Center

https://news.microsoft.com/2016/11/15/microsoft-and-code-org-announce-free-minecraft-hour-of-code-tutorial-for-computer-science-education-week-dec-5-11/

vSphere 6.5 – vCenter High Availability (VCHA) Overview – Enterprise Daddy

http://www.enterprisedaddy.com/2016/11/vsphere-6-5-vcenter-high-availability-vcha/

Ransomware goes Retro with PayDOS and Serpent written as Batch Files

The first variant discovered by Jakub is called PayDOS and is a batch file converted into an executable. When run, the executable will extract the batch file into the %Temp% folder and run it from there. Once executed, the batch file will scan certain folders for certain file extensions and rename the file so that one letter of the extension is changed. For example, test.png may become test.dng. It does not actually encrypt the files.

http://www.bleepingcomputer.com/news/security/ransomware-goes-retro-with-paydos-and-serpent-written-as-batch-files/

Introducing Microsoft Teams—the chat-based workspace in Office 365 – Office Blogs

https://blogs.office.com/2016/11/02/introducing-microsoft-teams-the-chat-based-workspace-in-office-365/

Check Point 600 Appliance Software Blade Stuck in Updating status

Recently I had a chance to get my hands on this excellent Firewall by Checkpoint. And as you know, not everything goes perfectly, and this is where you get a chance to learn how it works while you fix it.

I encountered an issue where one of the Threat Prevention Blades was stuck in updating mode for several hours. I had logged into the appliance via SSH to view the CPU utilization and observed nothing which would indicate an issue.

I started thinking about what events occurred which may have caused this. So I looked at the auto update schedule for the blades and noticed that all 3 blades were set to upgrade simultaneously.

I have observed that these updates can cause very high consumption of CPU, and with that perhaps the blade with the issue became stuck in an upgrading status.

To address this situation, I issued the update command from the CLI:

  1. Log into the firewall via SSH
  2. Enter into expert mode by typing ‘expert’ in the CLI – You will be asked for your expert password. Once in expert mode you will be at a standard Linux bash prompt.
  3. Run the following while in expert mode depending on which update you require:
  • Anti-Virus Blade: [Expert@jermsmit.com]# online_update_cmd -b AV -o update
  • IPS Blade: [Expert@jermsmit.com]# online_update_cmd -b IPS -o update
  • Application Control Blade: [Expert@jermsmit.com]# online_update_cmd -b APPI -o update

Now return and refresh your webUI and you should notice that the blade(s) that were once stuck in the upgrading status are now showing up to date.

Check Point 600 Appliance Initial Setup

The following is a quick video of the setup of a Checkpoint 600 Security Appliance

Notes right from the admin guide: http://downloads.checkpoint.com/dc/download.htm?ID=24000

Check Point 600 Appliance Overview

Check Point 600 Appliance delivers integrated unified threat management to protect your organization from today’s emerging threats. Based on proven Check Point security technologies such as Stateful Inspection, Application Intelligence, and SMART (Security Management Architecture), Check Point 600 Appliance provides simplified deployment while delivering uncompromising levels of security.

Check Point 600 Appliance supports the Check Point Software Blade architecture that gives independent and modular security building blocks. Software Blades can be quickly enabled and configured into your solution based on specific security needs.

This video takes place right after the Check Point 600 was connected to WAN and LAN and powered up.