Blocking Malware Callbacks

Malware Callbacks for command&control and also for data exfiltration are often transported in

HTTP POSTs.

The URL blocking of category malware URLs seems only to block the HTTP response. The GET or POST request seems to pass untouched to the server

Interface question

Hi!

This is our network:

My question is about interface 1/6:

I can ping the juniper from outside the network. But I can only ping the OpenVPN Server if I configure the IP-Address 80.0.0.5/32 explicit in this interface. Without this entry (80.0.0

Unlisted YouTube Video being blocked but All Other YouTube Videos are Viewable

Our company has hired someone to make a sales video and they have released a draft of the video on YouTube. The draft is an unlisted YouTube video and our users are not able to view it. The page opens and the video screen just spins, trying to connec

PA200 stops forwading traffic

Hi,

we have a pa200 (6.0.8) whichs suddenly stops forwarding traffic. So we had to reboot the device via managment UI to fix the problem. After doin some research i found this knowledge article from palo alto:

https://live.paloaltonetworks.com/t5

TS Agent Source Port Redirection blocks ODBC connection

We have a deployment of the TS Agent on 2008 R2 terminalservers. The TS agent works as designed and reassigns source ports. However, one specific segment of one specific application that is based on MS Access fails to connect to an SQL server when th

Transaction and session of signature scope

What is the difference between transaction and session on the signature scope of custome application?

unable to identify attcak and threat on firewall ip

Q. our auditor scanned our firewall IP from outside network but we unable to identify and check the attack and threat on firewall ip but able to check on servers public IP in threat option. can any1 suggest where we can check in paloalto?

Experiences with PAN-OS 6.1.8 ...

Hi all

Does anyone already have installed 6.1.8 and tested? Are there any new issues?

What I can tell so far is ...

... some sites with supported ciphersuites and TLS versions which did not work in 6.1.7 are working now

... websites with ECDHE/DHE

Site-to-Site VPN with Dynamic Peer IP address not forming

In this set up, I'm trying to configure a site-to-site VPN between a PA and a Cisco 3G router (whose IP address will be dynamic). I'm unable to get the tunnel working. When I run the command 'show vpn ike-sa gateway <gatewayname>', I get no informati

Disabled policy rules

Hi,

Under monitoring , still disabled policy rules matching to some some session .
And the session status are most of them 'incomplete' .
Why ?
Thanks

What Dynamic block lists do others use?

Hi there,

I have recently started wanting to setup using some Dynamic block lists in my PA box. I just wondered if others use these and if so, which sites do they use?

I was inially looking at using these 2.

www.spamhaus.org

www.openbl.org