"Session limit" bittorrent?

Hi devcenter

I've been reading the document on Application DDoS mitigation techniques using vulnerability signatures ( Application DDoS Mitigation ). I've been experimenting with the concept of "session limiting" bittorrent connections in this manner.

Create a custom signature to prevent some brute force attacks

Hi,

Our customer asked to create a custom signature to prevent some brute force attacks.

We combined threat ID 34556 and 31708  ("HTTP WWW-Authentication Failed" and "HTTP Unauthorized Error") so that if they both occur more that 10 times within 60 se

Custom Vuln Signature with req and rsp contexts fails

Sorry to cross post this - I was directed to the DEVCENTRE as a more likely setting to find an answer to this.

I'm trying to stem the flood of wordpress brute force attacks coming INTO our network (we are a web host, so host thousands of WP sites).

De

Controlling Google's Hangout app

Has anyone here dealt with Googles hangout app for mobile devices going through the firewall. The customer wants to allow hangout chat but not file-transfer or video calling. The apps sees it as google-talk and under it is gtalk-voice, google-talk-ba

About Custom Vulnerability Signature

Hello,

My customer made vulnerability signature in FW. But FW doesn't detect this signature.

Customer Vulnerability Signature

context : http-req-message-body

pattern : eval\(gzinflate\(str_rot13\(base64_decode

I am searching this but I don't know.

So I nee

Get logical interface active bitrate

Hi,

How can I get the current bitrate of a logical interface at the time its queried via the API or CLI?

I've tried 'show interface tunnel.x' but that shows be the overall counters for that interface.

I know it can be done as Pan(w)achrome displays that

Script for pulling configuration

Hi, can someone help me with creating a non interactive script which logs in to the device and pulls configuration.

I tried this, but it hangs after passing the password.

ssh <username>@<firewall_name> "show config running"

It runs fine when doing it in

Custom App-ID SMB Signature Assistance

Hello,

I'm trying to write a custom smb signature to restrict access to certain shares. It's based on Custom App-ID for a specific SMB share

My share pattern is '\\america\credit'. Unfortunately, it didn't work for me and I opened a support case. But t

application override

Do I require a security rule if I create an application override rule?

Is it possible to have 4 devices as active/active setup?

Am I able to configure up to 4 devices to act as active/active in high availability?

This should be able to, if one of those 4 get down, the others 3 keep handling traffic. And if another one of those get down, the other 2 keep running and so on.

Is it

PAN script to deply multi-VSYS

Hello,

I was recently in a webinar (Sales Insights: MSSP Program – Approach, Process, Variations), and David mentioned a "Pro-Scripts" or PanScripts that are capable to create templates and deploy to multi-Vsys from Panorama.

I would like to find out m

Custom App Signature to detect Firefox User Agent - not working on *some* https traffic

Hi,

recently I have been 'forced' through a support call to look into custom application signatures for the first time.

The requirement is  to detect and block the Firefox UserAgent string (the usefulness of blocking something as easily spoofed like th

Questions on modifying the captive portal design and function

Hello,

   One of the customers has put forth couple of questions regarding the capability of modifying the captive portal design and function. Any feedback is appreciated. Customer has already managed to change the style of the portal to a certain de

dynamic address object show via XML-API

Hi All,

We're doing some custom apps which revolve around dynamic address objects.  We'd like to be able to dump out the current members of a dynamic address via the API.  The 'Dynamic Address Objects revB.pdf' document doesn't mention that it's possi

USER ID PROBLEMS