Hi,
I'm new to Palo Alto and custom threat signatures. I'm trying to detect invalid login attempts to a web site and apply a time rate. When the user enters an invalid username in the login, the site returns the text "invalid username". Which context
...
Looking for the payload data to update the '/config/shared/local-user-database/user' via the PA 5.0.10 API
#! /usr/bin/python
import urllib
import urllib2
import sys
# PaloAulto Firewall Managment IP Address
mypafw = '10.10.10.1';
# PA API key
mykey =myke
...
How do I monitor acc risk factor in cacti tool, via snmp?
as title
I am looking for a way to create an custom application signature to identify IE browsers when accessing the internet and reliably identify it whether it is using http or https. Currently I have a custom app signature the works great when accessing ht
...
How do I Create a dlp policy to detect private IPs using Regular Expressions or what Regular expression should I used for data pattern
In panorama 5.1.5 code, I'm attempting to pull down traffic logs for analysis of application type vs rule. My query is structured like this:
https://10.x.x.240/api/?type=log&log-type=traffic&query=%28%20receive_time%20geq%20%272012/12/31%2008:00:00%2
...
All,
I just posted up a perl script for grabbing users and ips from Symantec Endpoint Protection (SEP).
Perl script to load users and IPs from Symantec Endpoint Protection (SEP)
Hello
I'm looking for solution how to create custom report that shows login and logout of Global VPN users. In this report I need time of connection/disconnection IP login name and status (success or false) of connection.
Help me please
With regards
Lui
Hi,
i looked all around, and i didnt find an answer to that question,
please help,
Thanks.
I need to determine if a custom signature can be built to block traffic based on specific string in a URL request, such as:
skn=8392
I've since asked support and they've told me to post my question here as they saw nothing wrong with how things are co
...
Hello,
I have posted following thread and attached a python script before, but this has already been obsolete. Please don't use this.
Listing all of vulnerability or phone-home signature
I posted the latest version to GitHub instead. The URL is as follo
...
Hello,
We are trying to block specific files based on the content disposition. Using all the different context values for http traffic has proven ineffective. The issue is that we don't see the file name until the end of the file download. A screen
...
hi, dear Sir :
I use the XML api of Palo alto firewall to import the user-ip-mapping into the user-id-agent. And I could find a file"XMLAPIUserIPMap.txt" in the agent's directory. And when I stop the User-agent service , I would find the import data
...
Hi all,
I am looking for a way to limit the number of receipients allowed (rcpt to:) in an email message (smtp). Anyone done this already ? Ideas ? Custom Signature with smtp-req-rcpt-argument-length ?
Thanks for input
Roland
Hi,
In my struggle to switch my captive portal rules on and off during the day I want to run a script to achieve this. I use a .bat file containing the following line:
c:\test\plink.exe -ssh 192.168.100.2 -l admin -pw mypassword -m c:\test\enable.txt
T
...
