Showing results for 
Search instead for 
Did you mean: 
Create a Post

Block email with specific " text"

Good day, I'm receiving emails with a specific text (ex. " dd/mm/yyyy - on this day I hacked your OS and got full access to your account  ,You can check it - I sent this message from your account. So, you can change the password, yes.. But my malware intercepts it every time.  Pay $900 in bitcoins....."  ).Is there a way to block emails with a specific text using checkpoint ? RegardsMauro       

IS there any tool or script to trigger IPS signature ?

Hi Team , IS there any tool or script to trigger IPS signature in order to check live if we receive IPS logs on SMS?

IP address and DDNS

Using the 730 checkpoint alliance and firmware is 77.20.86 1) When i am connecting via USA/Serial and IP Address is assign. May i know whose IP Address is this. This IP Address is changing randomly when i am disconnect and reconnect it. This is not my ISP Address. Is it Internal IP Address assign by checkpoint?     2) I am using the DDNS where an ip address is not updating automatic to NO-IP. I have to update manually IP address at No-IP. Is there any idea how much time take in DDNS for automatic update to NO-IP . I have been waited for 15minutes but no update automatic.

Is there SNI support for inbound HTTPS inspection in R80.20?

Hi,on gws R80.20 can I do HTTPS inspection on inbound connections that require SNI since on the server there are some virtual hosts with different certificates? If yes how? Thanks in advance 

Bock emails with specific Text message

Hi I've a checkpoint R80.10 and the blade "anti-spam and email security" is enable ( High Protection), but i'm receiving "Text" emails with undesired content ( ex." your account has bean hacked.... pay via bitcoin.....) and the email from and to are from the same internal email address ( ex. From : and To: .I would like to know:1. Can checkpoint block all emails that came with a specific "TEXT" ( ex." your account has bean hacked.... pay via bitcoin.....) ?2.  How can i block internal emails with same  "From" and "To" ( ex. From :  To: but coming from my  public ip address  ? Sorry for the EnglishRegards,Mauro  

Having issues with firewall dropping mail as spam

We have R80.10 and we do not have anti-spam turned on.  We are having issues with our firewall preventing mail for some reason.  The Anti-Bot blade is picking up the mail traffic.  The description is Malicious MAil activity and email control says Anti Maleware.   The email itself does not have antyhing in it but a few words.  I can have the email sent to my outside email account. Then I forward the same email inbound and it passes our firewall.  The only thing I noticed it that there is a proxied source IP in the log.  I am not sure how or why the firewall is preventing this email.  Has anyone seen this before?  Its happening to numerous different domain names.  a few of them are office 365 users.

IPS Release

What is the most recent Check Point 5600 and Check Point 5200 IPS releases?  I need to verify that my systems are current and up to date.

Checkpoint application control & URL Filtering blades update failed

Application control & URL filtering blade update failed issue happens.

IPS - Basics Protections

HelloI want to know if there are some specific information about basic IPS Signatures.We have an external IPS (Main) but we need to enable some signatures in CheckPoint Firewall to protect if any signature escaped from the main IPS.Thanks.Regards.

Geo Policy Blacklist

Hi,I have Geo protection configured in my setup and we are blocking traffic to & from certain countries in policy. Still I can observe traffic from those countries are getting permitted (ingress or egress). I have observed this behavior mainly post R80 upgrade. Looking at Smart log it is mainly permitting for process fw_ica but some other traffic as well i.e. for Skype for business etc.Can someone please guide what can be wrong here?

MTA on alias interface

Hello checkmates,has anyone an idea how we get MTA listen on an alias interface in a ClusterXL environment ?How to configure MTA to listen to an Alias Interface  shows perfect how to do it. But I need this for a cluster environment. We want to listen the MTA on another IP-address then one configured in the topology.Because alias interfaces are not supported in ClusterXL any other ideas are welcome.ThanksWolfgang

Anti-Virus show logs type alert and not prevent traffic

Hi,I have some problem with TE250x. I see some logs not match threat prevention policy profile. Gaia r77.30 hf take 351Please see log picture.Thank you.

Antibot/Antivirus update error on R77.30 gateway

Hi All, I have a customer who started seeing below error on all Checkpoint gateways running R77.30. This occurred 1 or 2 days. "Update failed. Failed to load database. Failed to parse file (/opt/CPsuite-R77/fw1/amw/update/cur/malware.eng)- last item (#5764) is cut.Client also has R80.XX gateways, but there's no problem observed on them. Suspecting if the update file corrupted or may caused something due to which they started seeing it on all gateways. 

R77.30_internet error: no product eligible for update, check db version

Hi everyone, When I perform an IPS update on R77.30 version.I have seen a display smartdashboard the following: "internet error: no product eligible for update, check db version"I am not sure how to fix it?Please help me. 
carl_t inside IPS, Anti-Virus, Anti-Bot, Anti-Spam 2 weeks ago
views 191 1

IPS exceptions

Hi AllCan anyone talk to me about the IPS exceptions on the R80 Firewall.If you want to create an exception, you generally apply it to whatever policy you have on applied to the Firewall.What are the Core exceptions?Also if we bypass certain things, I am guessing this doesn't get scanned at all?Many thanks