Analysis ransomware

Hi,

One of our servers have been infected by any kind of ransomware. We can see several files encripted. So we are seeing any evidence about the infection in the PA. The only trace that we saw in PA is that the infected server sends many dns sessions

what does these values mean snmpEtherStatsRXNoErrors and snmpEtherStatsTXNoErrors ?

Hi,

Trying to rule out the a file transfer througputput issue,  looking at the interface stats,

1.  Is there a technote explain these values mean?

2.  What are these values mean snmpEtherStatsRXNoErrors and snmpEtherStatsTXNoErrors ?  

Thanks,

E

admin

Is there a way to make URL custom allow list take precedence over the block lists

Hi All,

I have an issue where we at times we block whole domains but we sometimes need to allow one sub-domain through.  We recently put in the Palo Alto content filter and we have found it behaves very differently to our previous content filter whic

Site to Site VPN cannot use any private network range

Hello,
I have to set up a Site-to-Site VPN so our users can access some resources on a clients network. As we had here a lab firewall, another Palo Alto, I set up a test between our production and lab. This worked and I was able to connect. For the ac

Paloalto PA-820 automatic restart

Dear All

 I have a problem, why suddenly our paloalto PA-820 automatic reboot?

This is informations :

Paloalto suddenly restart own self.

Logging :

1. flow_mgmt: Exited 4 times, must be manually recovered.
2. tasks: Exited 1 times,

Sudden login issues with Minemeld on Ubuntu 14 and can't login under Ubuntu 16

First post was marked as spam for some reason so here goes try #2 with a more specific title

Never been able to get a solid ansible deploy to CentOS so stuck with Ubuntu 14 manual install but....after staying up way too late last night trying to fi

"uknown" in session end reason?

Have any of you seen "unknown" in the "session end reason" field?

PA-5220 running 8.1.8.

9.0.3 fails to download because 9.0.0 is 'not loaded' (but that's not the case)

Anybody seen this already?

Although 9.0.0 is already downloaded/installed the error is the one you get if you're running a 8.1 release and downloads 9.0.3 without first downloading the 9.0.0 base image.  Same behaviour with 9.0.1 and 9.0.2.  Device is

Panorama Serial

Hi

I have deployed PA-VM-ESX-8.1.2.ova

I have powered on the vm and opened the gui.  I want to input the serial number that I have been given.

- Select PanoramaSetupManagement and edit the General Settings

- Enter the Serial Number and click OK

- Selec

Does 2 spaces cause issue with group mapping

A securit policy is not getting used because ad group i entered is not matching the policy. On checking the cli i cannot list users in the ad group and get invalid syntax error.

show user group name cn=r-emp-it imp adm,ou=role restricted,ou=groups,ou

PBF Rule not being hit

I am experiencing an issue with one of our PAN devices, which is a PA-500 running OS 7.0.19. I have created a new PBF rule to forward traffic from a certain subnet to the inside interface of our edge router. I have several other rules pointing other