This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Block Hashes

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Block Hashes

Joshan_Lakhani
L4 Transporter

‎03-28-2020 10:33 PM

how to block hashes in firewall . 

1 person had this problem.
0 Likes Likes
7 REPLIES 7

SutareMayur
L7 Applicator

‎03-28-2020 11:58 PM

@Joshan_Lakhani,

 

Currently it is not possible to block hashes in Palo Alto Firewall.

 

Mayur

M

Check out my YouTube channel - https://www.youtube.com/@NetworkTalks
0 Likes Likes

Joshan_Lakhani
L4 Transporter
In response to SutareMayur

‎03-29-2020 03:54 AM

Can we block file hashes in paloalto

 

0 Likes Likes

Joshan_Lakhani
L4 Transporter
In response to Joshan_Lakhani

‎03-29-2020 04:27 AM

For reference file is pasted below .

 

filename

md5

sha1

sha256

ssdeep

note

CuscalApplication.exe

01d397df2a1cf1d4c8e3615b7064856c

43a7858a0564c500e7f248762353f5b1ec3f3ef8

d928b1c1096e636463afbd19f40a6b325e159196b4497895748c31535ea503dc

3072:Ub9gBv06BB7AIiTYhs5UCe0lvtvxQGsRrDhuO7GXFeD1nylc/Bx4:Ubi+6LAIJhs551xFsF5S1eUYO

Lazarus/FASTCash malware, fraudulent job application campaign

0 Likes Likes

SutareMayur
L7 Applicator
In response to Joshan_Lakhani

‎03-29-2020 05:21 AM

@Joshan_Lakhani,

 

Unfortunately, right now there no option to block file hashes in Palo Alto. You can try by creating Custom Signature for your use case.

 

Mayur

M

Check out my YouTube channel - https://www.youtube.com/@NetworkTalks
0 Likes Likes

Joshan_Lakhani
L4 Transporter
In response to SutareMayur

‎03-29-2020 05:23 AM

thanks for you reply

 

Is any document for Customer  signature to block this hash

0 Likes Likes

SutareMayur
L7 Applicator
In response to Joshan_Lakhani

‎03-29-2020 06:15 AM

@Joshan_Lakhani,

 

Actually it is not possible to create custom Signature in PA based on file hash value. But yes there are options custom signatures based on file types patterns. Please refer below articles.

 

https://live.paloaltonetworks.com/t5/Custom-Signatures/Detecting-a-specific-Linux-binary-ELF-file-us...

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClOFCA0

 

Hope it helps you!

 

Mayur

M

Check out my YouTube channel - https://www.youtube.com/@NetworkTalks
0 Likes Likes

OtakarKlier
Cyber Elite
Cyber Elite
In response to SutareMayur

‎03-30-2020 10:07 AM

Hello,

Take a look at a program that blocks on these features. Maybe block it with your AV or some other app whitelisting application such as bit9.

 

Regards,

0 Likes Likes
  • 8487 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks