This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
jnoble
Participant
‎2020-04-08 01:34 PM

How to download an attachment removed by checkpoint?

Hi,

 

One of our users received an email with .mp3 extension from our client and the attachment was removed by checkpoint.

 

Is there a way to retrieve it?

 

Thanks.

Attachment.JPG
Preview file
32 KB
0 Kudos
4 Replies
PhoneBoy
Admin
Admin
‎2020-04-08 05:51 PM

If I'm not mistaken, these attachments aren't saved anywhere.
There may be hints in the log files referred to here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
0 Kudos
Dilian_Chernev
Collaborator
‎2020-04-14 02:35 AM

Open the Summary report from logs and download it from there: 

te_report_download.png

 

Password for the archive should be: infected

0 Kudos
jnoble
Participant
‎2020-04-14 04:42 AM
In response to Dilian_Chernev

Hi Dilian,

 

Can you give me the steps in detail?

Is there a built in summary report?

Thanks.

 

 

0 Kudos
Dilian_Chernev
Collaborator
‎2020-04-15 12:02 AM
In response to jnoble

Yes, for every "malicious" file there should be a Summary and Detailed per OS reports.

First locate the blocked connection in logs:

te_logs.png

Second: open the log record and check the summary report. It is best viewed with Chrome/Firefox.

te_summary.png

Third: will see the Summary report and can download prevented file, as on my first post.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    li.common.scroll-to.top