https://live.paloaltonetworks.com/t5/advanced-threat-prevention/threat-id-in-the-ranges-between-8700-8799-packet-based-attacks/m-p/518868#M1785 <P>Here's what it means.<BR /><EM>Threat-ID 8725: This event detects and strips the TCP Fast Open option (and data payload, if any) from the TCP SYN or SYN-ACK packet during a TCP three-way handshake.</EM></P> <P>&nbsp;</P> <P>It may disrupt applications that use TCP Fast Open.<BR />There's no security impact on the device.</P> <P>&nbsp;</P> <P>As already mentioned above, there's no exception option for 8725 in the vulnerability profile.<BR />Reference: <A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000wkrWCAQ" target="_self">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000wkrWCAQ</A></P> Mon, 24 Oct 2022 02:34:17 GMT ymiyashita 2022-10-24T02:34:17Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/threat-id-in-the-ranges-between-8700-8799-packet-based-attacks/m-p/513935#M1744 <DIV><FONT face="Verdana, sans-serif" color="#595959"><SPAN><STRONG>My customer is worry for log about threat id 8725.</STRONG></SPAN></FONT></DIV> <DIV><FONT face="Verdana, sans-serif" color="#595959"><SPAN><STRONG>this log is no impact on this device?</STRONG></SPAN></FONT></DIV> <DIV>&nbsp;</DIV> <DIV><FONT face="Verdana, sans-serif" color="#595959"><SPAN><STRONG><span class="lia-inline-image-display-wrapper lia-image-align-left" image-alt="Screen Shot 2565-09-05 at 18.23.08.png" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/43665i90E17AEC4B86BDA3/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="Screen Shot 2565-09-05 at 18.23.08.png" alt="Screen Shot 2565-09-05 at 18.23.08.png" /></span></STRONG></SPAN></FONT></DIV> <DIV>&nbsp;</DIV> <DIV>&nbsp;</DIV> <DIV>&nbsp;</DIV> <DIV>&nbsp;</DIV> <DIV>&nbsp;</DIV> <DIV>&nbsp;</DIV> <DIV>&nbsp;</DIV> <DIV>&nbsp;</DIV> <DIV><FONT face="Verdana, sans-serif" color="#595959"><SPAN><STRONG>I know this is the expected behavior. Exceptions for these signatures are not to be found under the "Vulnerability Protection Profile".</STRONG></SPAN></FONT></DIV> Mon, 05 Sep 2022 11:24:08 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/threat-id-in-the-ranges-between-8700-8799-packet-based-attacks/m-p/513935#M1744 Jitaphon 2022-09-05T11:24:08Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/threat-id-in-the-ranges-between-8700-8799-packet-based-attacks/m-p/514121#M1745 <P>Anyone can give answer or not? <BR />I need to know this log is no impact on this device?</P> Wed, 07 Sep 2022 01:57:01 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/threat-id-in-the-ranges-between-8700-8799-packet-based-attacks/m-p/514121#M1745 Jitaphon 2022-09-07T01:57:01Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/threat-id-in-the-ranges-between-8700-8799-packet-based-attacks/m-p/518868#M1785 <P>Here's what it means.<BR /><EM>Threat-ID 8725: This event detects and strips the TCP Fast Open option (and data payload, if any) from the TCP SYN or SYN-ACK packet during a TCP three-way handshake.</EM></P> <P>&nbsp;</P> <P>It may disrupt applications that use TCP Fast Open.<BR />There's no security impact on the device.</P> <P>&nbsp;</P> <P>As already mentioned above, there's no exception option for 8725 in the vulnerability profile.<BR />Reference: <A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000wkrWCAQ" target="_self">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000wkrWCAQ</A></P> Mon, 24 Oct 2022 02:34:17 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/threat-id-in-the-ranges-between-8700-8799-packet-based-attacks/m-p/518868#M1785 ymiyashita 2022-10-24T02:34:17Z