Testing WildFire

I did some test on WildFire. I've created backdoors, link backdoor with a legitimate file, and playing around with malware, and obscure malware with the goal to bypass.

The result and scenarios can be found on my website.

Any comments or remarks are we

Custom signature based on URL and number of hits?

Hi,

I have a requirement to generate alert if a website is accessed frequently in short time. For e.g. www.google.com is accessed every 5 mins etc. Is there any way to generate a signature based on URL and hits?

Global Protect SSL error

Ok group I have a nice and simple question about trying to get GP up and running. Everything (I think) looks right, and configured, but I am not able to quite get my client connected to the Gateway

(T10944) 03/12/13 11:56:27:075 Debug( 742): File C:\P

PA-200 USB port

Hello,

So have any of you found any cool uses of the USB port on the PA-200?

I myself have connected my Raspberry Pi to it. The PA-200 gives more than enough power and I have also connected a wireless usb adapter to the raspberry.

The raspberry serves a

Captive Portal

Scenario:

I want to authenticate unknown users from my network to the internet.

I´m able to authenticate users in my ldap server using the web form, from my captive-portal in my pa-500.

But my issue is this:

Before the users receiving the portal page the

Anti Virus Logging

Hi,

Where do antivirus profile alerts log to?

Also, if I set the action to "block" for a decoder in the antivirus profile, does it still log the event?

Any help is greatly appreciated.

M

Howto validate security policies for content inspection enabled ?

Dear all,

How would it be possible to validate the security policy rules to have all a content inspection profile enabled?

Because the "option" field does not allow to be selected as filter in the editor tab. (as this is the case for e.g. addresses or

IP-RBLs for firewalls

Riddle me this…

We have issues with malicious traffic coming from Open Proxies, Known Bad Hosts, etc.

Is there such thing as an all IP, Realtime Blacklist for firewalls. There are certain external servers I dont want to be accessible by known bad netw

Active/Active 5.0.2 management interface shutdown

We are running 5520's A/A. Today we experienced an issue with one of the boxes managment interface shutting down. We had to power cycle the box to get the mangement interface back up.

Is this a known issue?

We are running 5.0.2

Thanks