This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
HeikoAnkenbrand
Champion Champion
Champion
‎2023-03-21 11:49 PM

Script from unknown users - security risk?

Many interesting scripts and SmartConsole extensions can be found in the CheckMatesToolbox.

In the last few weeks I have been reading the comments of users again and again, should you execute scripts from unknown users on a firewall. This has been a fundamental question for me for years.

From my point of view, this should not be done, as there is a considerable risk on a productive firewall. 

But I personally write my scripts in such a way that everyone can read the source code cleanly.
This gives everyone the chance to analyse the script code.

Checkmates, what do you think about this topic?

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
10 Replies
SATO_SOG
Explorer
‎2023-03-22 12:09 AM

I agree with you.

Here we should think about the following:
Are millions of lines of Linux code not also a security risk?

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2023-03-22 01:19 AM
In response to SATO_SOG

Here we should think about the following: Are humans basically a security risk?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Bärbel
Participant
‎2023-03-22 07:58 AM
In response to G_W_Albrecht

Thats called whataboutism.

_Val_
Admin
Admin
‎2023-03-22 08:17 AM
In response to Bärbel

Actually, @G_W_Albrecht has a point 🙂 Humans are the main reason cyber security has so many threats 🙂

MAlter
Explorer
‎2023-03-22 01:54 PM
In response to _Val_

I agree with @G_W_Albrecht.
Software is only so secure as the human mind behind it.

0 Kudos
the_rock
Legend
Legend
‎2023-03-22 03:43 PM
In response to Bärbel

Well, thats true, but considering AI is taking over the world, humans wont even be needed to do much work soon lol

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2023-03-23 01:45 AM
In response to Bärbel

No, this is not an argument - it was only meant as a parody of SATO_SOGs nonsense 8)

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
JozkoMrkvicka
Authority
Authority
‎2023-03-22 02:37 PM

If some admin would like to have extension installed on the management, the extension should be first checked by experienced colleague who will give a green light if such a features are safe to be deployed. Tested in lab, of course.

Each and every extension should be available offline (locally present on management by selecting the json file), not downloaded from public internet.

Kind regards,
Jozko Mrkvicka
PhoneBoy
Admin
Admin
‎2023-03-22 02:59 PM

You’ve heard of Linux, right?
It ultimately came from a bunch of random people on the Internet.
Yet, so much of our modern technology landscape is possible because of Linux.

One of the ways trust is built is by publishing source code.
That along with the licensing allowed for wide adoption, reuse, and…trust.

One of the requirements for inclusion in Toolbox is publishing of source code.
This gives you the confidence to see for yourself what’s being done before you decide to use it.

For scripts and the like, you can see what’s being done for yourself easily enough.
The SmartConsole Extensions are a little trickier because of how they are implemented (require a web server stood up).

0 Kudos
the_rock
Legend
Legend
‎2023-03-22 03:45 PM

To me, personally, like everything in life, it all comes down to really one single word...TRUST. As my late grandfather always used to say "If you trust someone only 99%, thats not good enough". I think thats a very good point.

Just my take on it.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top