Strange URL request in botnet

Hi all,

This morning, spending some time on my palo report and in botnet report there is many alert concerning repeted request to "84.39.153.31/SpamResolverNG/SpamResolverNG.dll?DoNewRequest"

Does someone know what it is ? Is it part of Microsoft emai

Dns vulnerability

Hi,

is there a way to block

DNS Cache Poisining

DNS Server Spoofed Request Amplification DDoS

with Paloalto ?

URL Allow List filters are not functioning as documented.

URL filter is great when working with Categories, but when an exception is published in the allow list there are catches and exceptions.:smileyconfused:

We block-continue Streaming Media, which contains Youtube, which we want to allow users access to

IP to user mapping unreliable

Situation: PC connected to our domain. Domain users log on to it. Domain users have internet access.

The same PC is used for assessments. These (external) users log on with a local user account (not known as a domain user). These users are not allowed

In 5.0.1, what is the full URL to the various captive portal pages?

Hey everyone,

I'm using a PA-2020 on the latest version, 5.0.1. I need to be able to test the end-user experience with Captive Portal. I am also extending some effort to customize the various result pages that users will see, so I need to be able to v

How to handle firewall self-traffic (management traffic / service routing)

Hi,

when I have a global clean-up rule that blocks/logs all unwanted traffic, my firewall management traffic (DNS lookups, PAN-DB updates etc) stop working if I configure it to use any other interface but the dedicated management ports.  So I added a

"Victim Name" and "Attacker Name" in Monitor / Logs / Threat

Does anyone know where I would configure an IP address to resolve to an attacker name or victim name?  I can't seem to locate it in the documentation and tried adding it in Objects > Addresses. victim_name

WWW vs No WWW

I submit URLs to BrightCloud regularly (several times a week).  Most URLs once updated to the filter database work fine with or without the www as part of the URL.  Every so often I will come across a situation where a URL won't load.  For instance,

Blocking Cloud-Based services

Hi Group

I am looking for some practical experience on how to best block as many cloud-based services as possible.

I know I can probably create some Dynamic Filters for some apps, but other may need to be controlled differently (SSL decryption, block t

Multiple Domain and domain name

Hello,

I have deployed 1 cluster of PA 3020(5.0.5) and UIA on 2 servers of the domain.

The domain architecture is as following:

1 parent domain: idf.local

6 child domain: xx.idf.local, yy.idf.local, ...

UIA works well and we have good informations on the

Panorama Log Collector - No Seq Num Acked

I have a deployment that has a pair of M-100s in HA and each of them has a full disk array that's split out into two separate log collector groups.  It seems as if there's an issue of Panorama communicating to the collector devices that should be for

Problem on Web Management Interface

Hi All,

Our PA500 (PAN OS 5.0.4) recently behave unusual, sometime its kick user from web interface after log in for 10 or 15 minutes.

The only error message that I received in the browser said "XML not responding".

Further check in the logs I got this

URL Security Profile DENY not logging

Having an issue with URL filtering not logging the Streaming Media....BLOCKED.  PA is allowing certain individuals based on Security policy and logging it to MONITOR.  It also is blocking other users not allowed by the URL Security Profile, but not l