Skip navigation
All Places >

Threat Prevention

Log in to follow, share, and participate in this community.

Recent Activity

Kaushal Varshney
EternalBlue is the a software vulnerability in Microsoft's Windows operating system. It is "Windows SMB Remote Code Execution Vulnerability", and described in CVE-2017-144. The vulnerability exploits Microsoft server message block 1.0 (SMBv1) - a network file sharing protocol. It allows remote attackers to execute arbitrary code via crafted… (Show more)
in Threat Prevention
Luis Borralho
Hello guys!   I'm planning to block all of TOR exit nodes using Checkpoint scripts created for that purpose, see link below.   How to block traffic coming from known malicious IP addresses    My question is this..   Will these exit nodes be append to the SAM Rule, or when it updates the SAM Rule will it clean all my SAM Rules already created… (Show more)
in Threat Prevention
Olga Kuts
How can we block traffic coming from known dynamic list of malicious IP addresses using SmartConsole? (Not through the ssh console as described in sk103154)
in Threat Prevention
Varun Arora
Threat Prevention has a option to add custom indicators from R77.20 and above. However, 61000 versions are R76SP.X. Does 61000 support the deployment of custom indicators in any version. We are running 61000 in R76SP.40 in VSX mode.
in Threat Prevention
Kaushal Varshney
A massive attack erupted on June 27 worldwide by a variant of Petya, a ransomware that encrypts the entire hard-drive rather than each file individually. This attack by Petya crippled many large banks, government offices and private companies worldwide.     Check Point customers, using  the SandBlast Agent with Anti-Ransomware technology, remain… (Show more)
in Threat Prevention
Dameon Welch Abernathy
This document helps IPS users answer the most common questions that arise when dealing with IPS issues. Also available in SecureKnowledge as: IPS Self Help Guide
in Threat Prevention
Dameon Welch Abernathy
A massive attack erupted today (June 27) worldwide, with a high concentration of hits in Ukraine – including the Ukrainian central bank, government offices and private companies. While the malware used is yet undetermined, some researchers are speculating it to be a variant of Petya, a ransomware that encrypts the entire hard-drive rather than… (Show more)
in Threat Prevention
Henrik Noerr
Hi,   Do you have a rss feed available security advisories regarding Check Point products? I think this is vital for monitoring new security issues.   I have found a rss covering all the IPS protections at Check Point but that is information overload. The only provided methods of receiving Check Point specific advisories are by mail or by… (Show more)
in Threat Prevention
Luis Borralho
Hello guys!   I prepared a SNORT rule to drop DoS tools patterns like traffic, the rule is working fine, can you tell after how much time will the FW send the IP's attacking the network after matching the rule?   Or is there a way to put in the snort rule a way like send to sam or not?   Because I know that for snort there is snortsam a plugin… (Show more)
in Threat Prevention