Thank you very much Michael. That is exactly the answers I am looking for.
I would hope that most training centers strive for exactly that attitude and
I am glad to see that some do. I am certain your passion insisted that all
training centers should do likewise and I agree with you wholeheartedly.
And I appreciate you assisting me in doing just that.
Have you had any issues with the labs you have created? Obviously you had
to enable port scanning and I assume you use NMAP. The Login validation is
worth trying.
I am finding that most of my customers do not yet have CP2000 and those that
do are not using the few IDS capabilities offered within. Are you finding
the same?
We are going to be offering Real Secure training along with our new NOKIA
training and I am not certain that anyone will ever truly get excited about
CPMAD's limited scope.
----- Original Message -----
From: "Michael Hernandez" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, August 29, 2000 1:32 PM
Subject: RE: [FW1] Has anyone used CPMAD
>
> To better add value for that class WE at RISCmanagement, Inc do port
> scans
> and successive logon's while enabling CPMAD so students can get a good
> feel
> on what it actually does and how it works! Rather than breezing through
> the
> chapter and telling student "Hey sorry, but no labs for this chapter!".
>
> --Michael
> www.riscman.com
>
>
> -----Original Message-----
> From: Scott Schindler [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, August 29, 2000 2:08 PM
> To: Samuel Wuethrich; [EMAIL PROTECTED]
> Subject: Re: [FW1] Has anyone used CPMAD
>
>
>
> The global setting is on. I am running everything on one machine. I
> get no
> messages in the log regarding "sam inhibit", nothing but the normal
> failed
> on cleanup rule message.
>
> BTW This is not a production system. It is lab testing only. I train
> Check
> Point and there is no lab for CPMAD and I have never actually heard of
> anyone using it and I can't get it to do anything.
>
> I am testing whether this is a marketing thing from Check Point or
> something
> that actually adds value. If there is no lab, it makes me wonder if
> they
> can even get it to work. But so few people use it, I can't get any
> feedback.
>
>
> ----- Original Message -----
> From: "Samuel Wuethrich" <[EMAIL PROTECTED]>
> To: "Scott Schindler" <[EMAIL PROTECTED]>;
> <[EMAIL PROTECTED]>
> Sent: Tuesday, August 29, 2000 10:55 AM
> Subject: RE: [FW1] Has anyone used CPMAD
>
>
> > I've deal with this when I've set up Real Secure 5.0. Maybe
> > MAD_system_mode=off instead on, found in
> $FWDIR/conf/cmpad_config.conf.
> > You
> > should receive some log entries with column 'Type' equal control and
> > column
> > 'Info' begins with 'SAM inhibit'. That what's happend when I try nmap
> > (CP
> > FW-1 4.1 SP2 DES).
> > Another question: The ela proxy is running on the same platform as MAD
> > is
> > running??
> >
> > Regards,
> > sAM
> > -----Original Message-----
> > From: Scott Schindler [mailto:[EMAIL PROTECTED]]
> > Sent: Dienstag, 29. August 2000 16:43
> > To: [EMAIL PROTECTED]
> > Subject: [FW1] Has anyone used CPMAD
> >
> >
> > The courseware does not come with a lab, so I used syn4k and nmap to
> > attack
> > a firewall. CPMAD is enabled by default, but I had to enable port
> scan
> > detection. CPMAD did absolutely nothing. And I could have easily
> > filled
> > the hard drive with log entries. 4000 entries in about 45 seconds.
> >
> > Anyone have experience out there with CPMAD and actually use it or
> have
> > seen
> > it work? It defaults to fwalert, but no alerts showed up in system
> > status.
> >
> > I am looking for those with actual experience only. I am not looking
> > for
> > web links.
>
>
> ========================================================================
> ====
> ====
> To unsubscribe from this mailing list, please see the instructions
> at
> http://www.checkpoint.com/services/mailing.html
> ========================================================================
> ====
> ====
>
>
> ========================================================================
> ========
> To unsubscribe from this mailing list, please see the instructions
> at
> http://www.checkpoint.com/services/mailing.html
> ========================================================================
> ========
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
