sábado, 5 de octubre de 2013

Gestionando Kindle Fire en Ubuntu 12.04 via Micro USB

Aparentemente este tema se sale del objetivo del blog.

En realidad no es así. Estoy importando el pack de R75 en formato Kindle con el objetivo de facilitarme su lectura, y así también la búsqueda de diccionario en inglés.

Copio y pego desde Ask Ubuntu, la fuente al final:

The new Kindle Fires can only be managed via a protocol known as MTP, but you can still mount them.
First make sure you have mtpfs installed.
sudo apt-get install mtpfs mtp-tools
Then, since udev and libmtp do not yet know about Kindle Fire do :
lsusb
My Kindle Fire HD shows up as "Bus xxx Device yyy: ID 1949:0007 Lab126"
What's important is the USB ID.
Next, add a file to udev to recognize your device:
sudo vi /etc/udev/rules.d/51-android.rules
Add this line to the end, substituting your USB IDs you figured out above if they are different:
SUBSYSTEM=="usb", ATTR{idVendor}=="1949", ATTR{idProduct}=="0007", MODE="0666"
Connect your Kindle and look to see if the system found it:
dmesg
In the spam you should see something like this:
...
[32421.676671] usb 3-1: >new high-speed USB device number 4 using xhci_hcd
[32421.702240] usb 3-1: >New USB device found, idVendor=1949, idProduct=0007
[32421.702247] usb 3-1: >New USB device strings: Mfr=2, Product=3, SerialNumber=4
[32421.702250] usb 3-1: >Product: Kindle
[32421.702254] usb 3-1: >Manufacturer: Amazon
[32421.702257] usb 3-1: >SerialNumber: xxx
...
If you couldn't find your device with lsusb, you can get the identifiers here too, but when you edit the udev rules you'll have to disconnect and reconnect.
Now let's make a place to mount it.
sudo mkdir -p /media/Kindle
sudo chmod 755 /media/Kindle
Also, it doesn't hurt to make sure fuse is set up to allow regular users to mount things.
Make sure /etc/fuse.conf is set up for this:
sudo vi /etc/fuse.conf
Look for the line that says "user_allow_other" and make sure it is uncommented.
Almost there! This part will be automatic from now on. All we have to do is mount it now.
Plug it in and setup the MTP over USB connection by mounting it, like this:
mtpfs -o allow_other /media/Kindle
Be patient with it, it's not the fastest thing ever. At any rate, once this command completes, you should see a kindle file system in Nautilus, etc.
When you're done using it, for example I load music into /media/Kindle/Internal\ Storage/Music, or use the ebook tool Calibre,
sync
fusermount -u /media/Kindle
I drop these commands into aliases, but you can just as easily add a "RUN=" to the udev rule or stuff them into shell scripts.
I prefer the Android app "ES File Explorer" to wander around and look at files on my Kindle... because Kindles are not good at "auto-discovery" of new files.

Fuente: Ask Ubuntu

jueves, 27 de junio de 2013

Training for Checkpoint begginers

I have a little project with Checkpoint Training. I need to know if exist some users that would wish to learn Checkpoint administration.

This users should to teach other student when the course finish.

Are you ready for this challenge? So write in the comments.

Interesante artículo de SNMP

http://www.fir3net.com/Checkpoint-SPLAT/enable-checkpoint-snmpd-on-splat-video-tutorial.html

miércoles, 19 de junio de 2013

El próximo reto: CCMA

Luego de adquirir las credenciales CCSA y CCSE, he dejado pasar un tiempo para incubar el conocimiento adquirido. Ahora el próximo objetivo para mediano plazo es lograr el CCMA.

CCMA, Checkpoint Certified Master Architect, es la máxima credencial que un profesional de Checkpoint pueda tener. Comparado a CCIE Security y JNCIE Security, se trata de un examen denominado hands on lab, o dicho de otra manera "un laboratorio de manos a la obra". Tiene una parte escrita cuyo código es 156-100. Consiste en un examen en VUE el cual tienes que aprobar con un mínimo de 80%. Por otra parte, el laboratorio debe solventarse en un máximo de  8 hrs, en un centro autorizado de Checkpoint (que usualmente es en Estados Unidos). El código del examen es 156-105.3.

Estoy construyendo un programa de estudio personal para realizar el examen la primera semana de Ene 2014, y el práctico para la primera semana de Mar 2014.

En una discusión en Checkpoint Experts en Linkedin, realicé la pregunta: "cómo puedo convertirme en CCMA" obtuve los siguientes comentarios:


"MDM and VSX are must, so are VPN advanced features like VPN routing. In my time the written exam was a combination of CCSA, CCSE and CCSE+ ones, with addition of "Principles of network security" course that nobody takes. I believe you should expect more or less the same situation now. 

You have to know MGMT advanced procedures such as migrations and advanced upgrades, be able to plan and deploy a complex CP solution including the products mentioned above, in addition with Eventia family and (potentially) endpoint. Aim to the latest CP version available, R76. 

Now the lab exam is virtualized, so you would be able to do that from a local CP office. 

Some tactics: be prepared to troubleshoot the lab before even going to perform the exam tasks. Plan more time than 8 hours for the lab, in case the initial state is not OK. Be aggressive and demand additional time from Check Point in this case. In the written exam read the question carefully. Comment ALL questions that do not make sense to you, there will be some. In general, be prepared to some painful and unpleasant experience, much tougher that passing the standard examsValeri Loukine


"Realistically, it's exactly like a JNCIE-SEC or CCIE-SEC exam. If you can find prep-guides for those and adapt them to CP-world, you'll likely be fine...

...Looking at workbooks/mock-labs for other vendors is probably the best place to start. Obviously portions of this don't apply to CP, but a lot of it does: 

http://www.ine.com/self-paced/ccie-security/workbooks.htm 

Something most people overlook for the CCMA is that you "absolutely" need to be able to understand advanced routing - it's not "just" security." Craig Dods

"I would make sure to have at the very least worked through the VSX and MDM courses. They used to be required but was removed a while back"  Fredrik Lindstrom

"I recommend you to just refresh on your CCSA, CCSE, as well as do CCMSE and CCMSE Plus VSX labs. I see you work with Check Point for already two years, but from my experience although I worked with and for Check Point for a few years, my CCMA would have never been achieved if I did not do labs day/night and even during my lunch break at work. Even when sleeping, I was still thinking about why my Global VPN won't come up for my externally managed gateway on ESXi server. It's not technically difficult, but there is just too much involved and you need to be quick at troubleshooting, configuring, and designing architecture according to best security practices. When you live and breathe the technology for the sake of interest, you will not only pass, but will also enjoy the architecture challenge".  Denys Borysiuk, T.P.


Link: CCMA

domingo, 20 de enero de 2013

Activar Application control y URL Filtering

Este es otro desafío.


  1. Crear un regla que bloquee el acceso a sitios maliciosos
  2. Crear una regla que informe al usuario antes de ir a sitios de web social. El mensaje debe ser: "De acuerdo a la política de la empresa estos sitios están permitidos por un número de tiempo determinado, no abuse de este privilegio".


Debes enviarme al correo cuatro screenshots:



  1. Regla que bloquea en el punto 1 (ver anterior).
  2. Regla de información en el punto 2
  3. El bloqueo en el navegador del usuario.
  4. El mensaje de información del usuario.


Para este ejercicio no vas a hacer identificación de usuarios, sino sólo por IP.


Debes leer la documentación: CP_R75.40_ApplicationControlURLFiltering_AdminGuide.pdf que está en el pack proporcionado.

Requisitos para despliegue distribuido en Checkpoint

Cuando el firewall y el management se encuentran en el mismo servidor se dice que es un deployment standalone. Esto permite una rápida instalación y un despliegue para pequeñas y medianas empresas. Con la desventaja de que si el equipo cae, entonces habrá pérdida de la disponibilidad del servicio.

El deployment distribuido consiste en tener el security management en un servidor distinto del que hace la labor de gateway. Todavía no tenemos alta disponibilidad, sin embargo, en el caso de que haya que restablecer el servicio, fácilmente se instala un nuevo gateway se une por SIC al Security Management y finalmente se instalan políticas. Más adelante vamos a ver cómo instalar un clúster en HA para estar completos.

Necesito que leas sobre SIC, pág. 19 del CP_R75.40_Security_Management_AdminGuide.pdf. Búscalo en la documentación que te proporcioné.