Connect with jvortega
People I'm following

jvortega is not following anybody.

jvortega

jvortega

12p

8 comments posted · 0 followers · following 0

13 years ago @ Sekiur My Thoughts - Customer Service Excel... · 0 replies · +1 points

Thanks for the feedback.

13 years ago @ Sekiur My Thoughts - Crude Improvement - Ce... · 0 replies · +1 points

Thanks for the feedback. Will update the post.

14 years ago @ Sekiur My Thoughts - Checkpoint Firewall-1 ... · 0 replies · +1 points

There are several files that the R65 export misses so running both exports guarantees that you bring over all the necessary files for a successful upgrade.

15 years ago @ Sekiur My Thoughts - Step by Step In Dealin... · 0 replies · +1 points

Scan the network for Conficker. http://blog.sekiur.com/2009/03/conficker-gets-rea...
http://www.dshield.org/diary.html?storyid=6097 & http://honeynet.org/node/388

15 years ago @ Sekiur My Thoughts - Checkpoint Firewall-1 ... · 2 replies · +1 points

Have you solved this yet? Have you tried increasing the UDP virtual session timeouts? Any performance issues on the firewall? Have you tried moving the sip rule closer to the top of the rule base? and do you have cleanup rules at the bottom for high port udp traffic?

15 years ago @ Sekiur My Thoughts - Step by Step In Dealin... · 0 replies · +1 points

That's an excellent question. Variant C does a much better job at preventing security products from removing it, thus further testing is required.
"Like Conficker B, C incorporates logic to defend itself from security products that would otherwise attempt to detect and remove it. C spawns a security product disablement thread. This thread disables critical host security services, such as Windows defender, as well as Windows services that deliver security patches and software updates. These changes effectively prevent the victim host from receiving automated software updates. The thread disables security update notifications and deactivates safeboot mode as a future reboot option. This first thread then spawns a new security process termination thread, which continually monitors for and kills processes whose names match a blacklisted set of 23 security products, hot fixes, and security diagnosis tools......" http://mtc.sri.com/Conficker/addendumC/

15 years ago @ Sekiur My Thoughts - Checkpoint Firewall-1 ... · 1 reply · +1 points

Have you tried playing around with the smartdefense settings.? Under SIP the only option disabled should be to block calls from unregistered users as this will be done by the asterisk box. Under SIP custom properties, the only option checked should be to block SIP calls that use two different voice connections and under SIP filtering you should not do any filtering and not drop unknown SIP methods. You should a rule on your firewall allowing udp 5060 and udp >10000 & < 20000. On your asterisk box, your sip_custom.conf config file should look like this.

bindport = 5060

pedantic=no

externip=[public ip address]

localnet=A.B.C.0/255.255.255.0

Hope this helps.

15 years ago @ Sekiur My Thoughts - Step by Step In Dealin... · 0 replies · +1 points

Thanks. I appreciate your input very much.
an Automattic logo Invention

Home Features About Developers Help

© 2024 Automattic Inc. TOS | Privacy Policy | Privacy Notice for California Users