General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Anti-spyware Profile Rule category explanation

Does anyone have some document that explain the different categories in Anti-Spyware profiles? They're kind of self explaining, but does anyone have a document similar to the URL category explanation?

 

Thanks

17098052_10207743432858343_7241440398395006066_o.jpg
gtomte by L3 Networker
  • 2658 Views
  • 4 replies
  • 1 Likes

Resolved! FTP Protocol Injection Bypass Palo Alto Firewall

Hi 

 

About  News SMTP over XXE attacks against Linux-based firewalls.

- link (https://www.bleepingcomputer.com/news/security/java-and-python-contain-security-flaws-that-allow-attackers-to-bypass-firewalls/)

 

How we can create custom signature or  disab

...

Resolved! User-ID. Is WMI really needed?

Hi all

 

I have an end-customer who is using ServerMonitoring and User-Id agent at the same time. His AD has been audited by Microsoft and discovered that their performance is affected by thew WMI probbing. My questions is. If they remove all ServerMon

...

SOC_CSG by L4 Transporter
  • 2904 Views
  • 4 replies
  • 1 Likes

Resolved! HA scenario questions?

Hi folks,

 

I am learning (self training at this point) about my company's two Palo Alto 3020 devices in our datacenter.  We are currently only using one device for our routing, firewall, etc.  I am tasked with eventually configuring the second one as

...

PA_HA.jpg
OMatlock by L4 Transporter
  • 1646 Views
  • 3 replies
  • 0 Likes

New Minor Support

One of my customers wants to see new Minors for these feeds below. Is there anything planned? If so, what is the timeframe?


Thanks!

 

1) Crowdstrike
2) CCIRC - I can see one for Australia named AusCERT. Anything for Canada?
3) R-CISC – Retail Industry

...

Youtube streaming not blocking

We want to block youtube streaming via Palo Alto. We create the Custom URL Category "testing" and enter the site "*.youtube.com" (with quotation). We select the testing category in Decrpytion profile and Action "Decrpyt" and Type SSL Forwarding. We c

...

Resolved! O365: No Indicators, Miner not working

Hi,

 

we use Minemeld for grabbing the Microsoft Office 365 IP's and URL's. 

It run's on a VMWare Server, build with the "Full" .ova with Ubuntu & Minemeld.

 

The installation works fine. After importing the config "office365-config.yml" no indicator

...

Resolved! Single IP List

Just getting started with Minemeld - I noticed that even if a single IP feed is provided (e.g compromised IP list), the inboundfeedmc list still shows as an IP range, e.g 

1.179.202.22-1.179.202.22

It is possible to get jts a list of single IP addresse

...

calamari by L1 Bithead
  • 3478 Views
  • 5 replies
  • 0 Likes

What's new in MineMeld 0.9.34

Release Date: 2017-03-06

 

How to update: Updating MineMeld

 

This is mostly a bug fix release.

 

Core

  • Fixed a pesky bug affecting O365 Miners
  • Added a new parameter to output feeds to translate IP Ranges in indicators to CIDRs, see tr parameter in htt
...

lmori by L7 Applicator
  • 1954 Views
  • 0 replies
  • 2 Likes
Top Solution Authors
Top Liked Authors