https://live.paloaltonetworks.com/t5/general-topics/dns-risk-catagory-4/m-p/44088#M32372 <HTML><HEAD></HEAD><BODY><P>Hi Kevin,</P><P></P><P>You can modify the risk level of the DNS app without worry.&nbsp; It will not affect DNS attack detection/protection.&nbsp; It is only used in reporting and in the ACC.</P><P></P><P>Cheers,</P><P></P><P>Kelly</P></BODY></HTML> Wed, 15 Dec 2010 23:05:50 GMT kbrazil 2010-12-15T23:05:50Z https://live.paloaltonetworks.com/t5/general-topics/dns-risk-catagory-4/m-p/44084#M32368 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>I don't understand why DNS forwarder traffic is considered Risk Catagory 4? I mean how can you use the internet without DNS?</P><P></P><P>Thanks,</P><P>Daniel</P></BODY></HTML> Fri, 09 Jul 2010 16:56:18 GMT https://live.paloaltonetworks.com/t5/general-topics/dns-risk-catagory-4/m-p/44084#M32368 numberall 2010-07-09T16:56:18Z https://live.paloaltonetworks.com/t5/general-topics/dns-risk-catagory-4/m-p/44085#M32369 <HTML><HEAD></HEAD><BODY><P>Exactly. Because it is so widely used, it is easily exploitable. The ACC breakdown should list why the app was give a 4.</P><P></P><P>This document should also help break down how the research team determines risk level:</P><P><A class="jive-link-wiki-small" href="https://live.paloaltonetworks.com/docs/DOC-1090">https://live.paloaltonetworks.com/docs/DOC-1090</A><SPAN> </SPAN></P><P></P><P>Take the risk level with a grain of salt. It just gives you an idea for potential threats on the network.</P><P></P><P>You can also modify the risk level in the PAN OS by clicking on Object &gt; Applications, then clicking on the the app, and then selecting "customize" next to the risk number.</P></BODY></HTML> Fri, 09 Jul 2010 19:23:31 GMT https://live.paloaltonetworks.com/t5/general-topics/dns-risk-catagory-4/m-p/44085#M32369 mharding 2010-07-09T19:23:31Z https://live.paloaltonetworks.com/t5/general-topics/dns-risk-catagory-4/m-p/44086#M32370 <HTML><HEAD></HEAD><BODY><P>Thanks for answering my question. While I appreciate that DNS can be abused, I don't think it warrents a 4. So I will take your advice and adjust the rating to my liking.</P><P></P><P>Thanks,</P><P>Daniel</P></BODY></HTML> Fri, 09 Jul 2010 21:04:25 GMT https://live.paloaltonetworks.com/t5/general-topics/dns-risk-catagory-4/m-p/44086#M32370 numberall 2010-07-09T21:04:25Z https://live.paloaltonetworks.com/t5/general-topics/dns-risk-catagory-4/m-p/44087#M32371 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P>I find myself in a similiar situation.&nbsp; With the DNS risk set to 4 it skews the overall safety of my network, and also hides other traffic from the Top risks on the Dashboard.&nbsp; I could lower the risk artificially, however will this compromise the appliances reaction actual DNS packet attacks?&nbsp; Will the system still exam and respond to actual attempts to exploit the vulnerabilities?&nbsp; Is there another alternative?&nbsp; Do I need to add a more specific definition of a "bad DNS" packet that can be filtered on?</P><P></P><P>Thanks to all who read and respond</P><P>Kevin Kutzera</P><P>New PA-500 administrator</P><P>Seattle, WA.</P></BODY></HTML> Mon, 13 Dec 2010 23:38:35 GMT https://live.paloaltonetworks.com/t5/general-topics/dns-risk-catagory-4/m-p/44087#M32371 KKUTZERA 2010-12-13T23:38:35Z https://live.paloaltonetworks.com/t5/general-topics/dns-risk-catagory-4/m-p/44088#M32372 <HTML><HEAD></HEAD><BODY><P>Hi Kevin,</P><P></P><P>You can modify the risk level of the DNS app without worry.&nbsp; It will not affect DNS attack detection/protection.&nbsp; It is only used in reporting and in the ACC.</P><P></P><P>Cheers,</P><P></P><P>Kelly</P></BODY></HTML> Wed, 15 Dec 2010 23:05:50 GMT https://live.paloaltonetworks.com/t5/general-topics/dns-risk-catagory-4/m-p/44088#M32372 kbrazil 2010-12-15T23:05:50Z https://live.paloaltonetworks.com/t5/general-topics/dns-risk-catagory-4/m-p/44089#M32373 <HTML><HEAD></HEAD><BODY><P>Will the custom risk levels hold through software updates?</P><P>Thanks<BR />Bob</P></BODY></HTML> Tue, 01 May 2012 21:14:22 GMT https://live.paloaltonetworks.com/t5/general-topics/dns-risk-catagory-4/m-p/44089#M32373 BobW 2012-05-01T21:14:22Z https://live.paloaltonetworks.com/t5/general-topics/dns-risk-catagory-4/m-p/44090#M32374 <HTML><HEAD></HEAD><BODY><P>I think you sent this to the wrong Kevin. I'd be interested in the answer.</P><P></P><P></P><P>Kevin Kutzera</P><P>Director, Information Service</P><P>Sent from iPad</P></BODY></HTML> Wed, 02 May 2012 00:26:14 GMT https://live.paloaltonetworks.com/t5/general-topics/dns-risk-catagory-4/m-p/44090#M32374 KKUTZERA 2012-05-02T00:26:14Z