https://live.paloaltonetworks.com/t5/advanced-threat-prevention/nat-firewall-bypass-attack-how-palo-alto-protect-from/m-p/373439#M994 <P>The&nbsp;attack&nbsp;Kill-Chain.&nbsp;Palo Alto&nbsp;Networks&nbsp;Firewall&nbsp;Deployment decryption to&nbsp;avoid&nbsp;inspection&nbsp;bypass&nbsp;for encrypted content and applications For internal clients not behind a&nbsp;NAT&nbsp;device, a source-ip classification profile may be a good&nbsp;</P> Thu, 10 Dec 2020 04:52:12 GMT JohnCena 2020-12-10T04:52:12Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/nat-firewall-bypass-attack-how-palo-alto-protect-from/m-p/360310#M974 <P>A new research has demonstrated a technique that allow an attacker to bypass firewall protection and remotely access any TCP/UDP service on victim machine.</P><P><A href="https://thehackernews.com/2020/11/new-natfirewall-bypass-attack-lets.html" target="_blank">https://thehackernews.com/2020/11/new-natfirewall-bypass-attack-lets.html</A></P> Mon, 02 Nov 2020 19:03:30 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/nat-firewall-bypass-attack-how-palo-alto-protect-from/m-p/360310#M974 Naweed 2020-11-02T19:03:30Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/nat-firewall-bypass-attack-how-palo-alto-protect-from/m-p/366833#M988 <P>It would be great to hear from someone at PAN on this exploit.</P> Wed, 02 Dec 2020 19:00:09 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/nat-firewall-bypass-attack-how-palo-alto-protect-from/m-p/366833#M988 dnevigato-Coursera 2020-12-02T19:00:09Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/nat-firewall-bypass-attack-how-palo-alto-protect-from/m-p/373439#M994 <P>The&nbsp;attack&nbsp;Kill-Chain.&nbsp;Palo Alto&nbsp;Networks&nbsp;Firewall&nbsp;Deployment decryption to&nbsp;avoid&nbsp;inspection&nbsp;bypass&nbsp;for encrypted content and applications For internal clients not behind a&nbsp;NAT&nbsp;device, a source-ip classification profile may be a good&nbsp;</P> Thu, 10 Dec 2020 04:52:12 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/nat-firewall-bypass-attack-how-palo-alto-protect-from/m-p/373439#M994 JohnCena 2020-12-10T04:52:12Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/nat-firewall-bypass-attack-how-palo-alto-protect-from/m-p/376155#M1004 <P>We produced the following IPS signatures to cover this threat:</P> <P>&nbsp;</P> <P><SPAN>NAT Slipstreaming Detection (59667)</SPAN><BR /><SPAN>NAT Slipstreaming Detection (59668)</SPAN><BR /><SPAN>NAT Slipstreaming Detection (59669)</SPAN><BR /><SPAN>NAT Slipstreaming Detection (59671)</SPAN><BR /><SPAN>NAT Slipstreaming Detection (59672)</SPAN></P> Thu, 24 Dec 2020 22:41:43 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/nat-firewall-bypass-attack-how-palo-alto-protect-from/m-p/376155#M1004 mivaldi 2020-12-24T22:41:43Z