https://live.paloaltonetworks.com/t5/general-topics/filter-ssh-v1/m-p/3597#M2653 <HTML><HEAD></HEAD><BODY><P>I can see 'SSH2 Login Attempt' (ID:31914) under vulnerability protection signature.</P><P>If you permit ssh in security rule and block this signature&nbsp; on the same rule,</P><P>can't you permit ssh v1 only?</P><P></P><P>Just my guess.</P><P></P><P>Regards,</P><P></P><P>Emr</P></BODY></HTML> Wed, 07 Mar 2012 05:31:42 GMT emr_1 2012-03-07T05:31:42Z https://live.paloaltonetworks.com/t5/general-topics/filter-ssh-v1/m-p/3592#M2648 <HTML><HEAD></HEAD><BODY><P>Hi</P><P>I have a request to filter in the firewall ssh v1. Is there any way to identify and filter ssh v1? can the firewall identify ssh v2 some way?</P></BODY></HTML> Tue, 06 Mar 2012 13:28:01 GMT https://live.paloaltonetworks.com/t5/general-topics/filter-ssh-v1/m-p/3592#M2648 Cesar.pevezFajardo 2012-03-06T13:28:01Z https://live.paloaltonetworks.com/t5/general-topics/filter-ssh-v1/m-p/3593#M2649 <HTML><HEAD></HEAD><BODY><P>Hi Cesar,</P><P></P><P>ssh is at least listed in the applipedia as a known App.</P><P></P><P><A class="active_link" href="http://apps.paloaltonetworks.com/applipedia/">http://apps.paloaltonetworks.com/applipedia/</A></P><P></P><P>rgds Roland</P></BODY></HTML> Tue, 06 Mar 2012 13:55:18 GMT https://live.paloaltonetworks.com/t5/general-topics/filter-ssh-v1/m-p/3593#M2649 gafrol 2012-03-06T13:55:18Z https://live.paloaltonetworks.com/t5/general-topics/filter-ssh-v1/m-p/3594#M2650 <HTML><HEAD></HEAD><BODY><P>Thanks Roland</P><P>The problem I have is that I don't see any reference to the version of SSH in the app description. I will like to know if there is any mechanism to diferentiate v1 from v2, so I can permit only v1.</P></BODY></HTML> Tue, 06 Mar 2012 14:09:05 GMT https://live.paloaltonetworks.com/t5/general-topics/filter-ssh-v1/m-p/3594#M2650 Cesar.pevezFajardo 2012-03-06T14:09:05Z https://live.paloaltonetworks.com/t5/general-topics/filter-ssh-v1/m-p/3595#M2651 <HTML><HEAD></HEAD><BODY><P>It seems the APP does not differentiate between ssh1 and ssh2, just my guess....</P><P></P><P>Roland</P></BODY></HTML> Tue, 06 Mar 2012 14:16:16 GMT https://live.paloaltonetworks.com/t5/general-topics/filter-ssh-v1/m-p/3595#M2651 gafrol 2012-03-06T14:16:16Z https://live.paloaltonetworks.com/t5/general-topics/filter-ssh-v1/m-p/3596#M2652 <HTML><HEAD></HEAD><BODY><P>You can setup a SSH decryption policy to handle ssh vs ssh-tunnel. But I dont think it currently supports stuff like v1 vs v2.</P><P></P><P>Look at page 143 in the PA-4.1_Administrators_Guide.pdf for more info.</P><P></P><P>I think you need to contact your sales rep. to file this as a feature request.</P></BODY></HTML> Tue, 06 Mar 2012 14:25:53 GMT https://live.paloaltonetworks.com/t5/general-topics/filter-ssh-v1/m-p/3596#M2652 mikand 2012-03-06T14:25:53Z https://live.paloaltonetworks.com/t5/general-topics/filter-ssh-v1/m-p/3597#M2653 <HTML><HEAD></HEAD><BODY><P>I can see 'SSH2 Login Attempt' (ID:31914) under vulnerability protection signature.</P><P>If you permit ssh in security rule and block this signature&nbsp; on the same rule,</P><P>can't you permit ssh v1 only?</P><P></P><P>Just my guess.</P><P></P><P>Regards,</P><P></P><P>Emr</P></BODY></HTML> Wed, 07 Mar 2012 05:31:42 GMT https://live.paloaltonetworks.com/t5/general-topics/filter-ssh-v1/m-p/3597#M2653 emr_1 2012-03-07T05:31:42Z