application

Guys, good afternoon.

I have a very confusing problem, I try to access a certain "HTTP" site and I get an error (It is not possible to access that site), we perform a test outside our network and the access is done normally.

Analyzing the LOGS, I fo

User-ID only tags IPv4 or IPv6 address in dual stack

I've got the User-ID agent installed on three servers and I've recently began enabling IPv6 internally and I've noticed a problem.  The traffic logs in Palo Alto only associate either the IPv4 address or IPv6 address of a machine with a username depe

can MineMeld be installed on ubuntu 20.04?

I'm getting this error, how do i get around it?

$ sudo apt install -o Dpkg::Options::="--force-overwrite" -y minemeld
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This m

NGINX configuration for SSL Inbound Inspection

Hello everybody,

  I'm trying to enable SSL Inbound Inspection to decrypt traffic to an internal webserver that runs on NGINX. I have already added the server certificate and key, and set up the corresponding decryption policy. The problem is that th

trust-untrust common apps block user

Without giving any low level info

how would a person go about a blocking a single user, via policy, get blocked from trust-untrust common apps w/o affecting other users?

Create a policy above it? Or negate the user?

Using MineMeld to provide list of IP addresses to be used as EDL in PaloAlto firewall

Hello,

My requirement is to use MindMeld to host a list of IP addresses that needs to be blocked in the PA firewall using EDL. I am unable to find the relevant docs. 

Please help!

Disable TCP 1323 Timestamp response through Palo Alto Firewall?

Hi,

I'm wondering whether is there a way to set the PAN Firewall to detect and drop TCP 1323 Timestamp queries to servers?

According to some web vulnerabilities scanning reports, it is reccomended to disable the TCP Timestamp as it discloses server upt

TCP timestamp response During the vulnerability assessment

In my case, the team is performing a vulnerability assessment on PA820

Vulnerability Title: TCP timestamp response.

Description: The remote host responded with a TCP timestamp. The TCP timestamp response can be used to approximate the remote host's upt

Prelogon - PanCredGet

PAN-OS - 9.0.3

Global Protect 5.0.3

We are having problems with GPPrelogon. 

Logs:

(T7612) 07/22/19 15:20:16:670 Debug(5727): REGION-PRIO, region code is GB
(T7612) 07/22/19 15:20:16:670 Debug(10868): REGION-PRIO, save region code GB
(T7612) 07/22/19 15

Best siem

Hello all its been a long time, since they took away my sentinel role I haven't been on here much. Does anyone have a recommendation for a siem?