How do PA deal with BOT channel using APP such as twitter, skype, other IM?

ttongfly — Tue, 23 Aug 2011 17:53:59 GMT

Hi guys.

Nowadays BOTNET C&C server have been using Command and Control channel using twitter, skype IM and other IM like attached image.

So I wonder about how do PA deal with BOTNET channel traffic using application. I tried to find that any signature on virus, spyware and vulnerability but cannot.

Thanks.

Regards.

Roh.

Re: How do PA deal with BOT channel using APP such as twitter, skype, other IM?

bpappas — Fri, 26 Aug 2011 01:36:46 GMT

@Roh:

it would appear that the Twitter examples you shared can be stopped using the Palo Alto Networks Threat features.

Our Threat team is constantly researching and developing signatures to mitigate new and emerging techniques used by malware authors to attempt to evade detection.

As always if you discover a case where you believe that your Palo Alto Networks device is not responding appropriately to malicious traffic we encourage you to open a support case with the Technical Support team.

Thanks,

Benjamin

topic How do PA deal with BOT channel using APP such as twitter, skype, other IM? in General Topics

How do PA deal with BOT channel using APP such as twitter, skype, other IM?

Re: How do PA deal with BOT channel using APP such as twitter, skype, other IM?