Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Dynamic Update Issue?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Dynamic Update Issue?

L1 Bithead

Our library has a Millenium server, the application is millenium-ils.

It stopped communicating after APP+Threat  release 484 installed.

I rolled back to APP+Threat release 482 and it restored communication.

This morning APP+Threat  release 485 installed and once again the Millenium Server is unreachable.

Performed the roll back to 482, and it is working fine.

Has any one else seen this?

4 REPLIES 4

L7 Applicator

Hello Mikempo,

Based on the version 484 Application and Threat Content Release Notes, there are no changes has been implemented for millenium-ils application on this database. Could you please let me know, is it reflecting in your "deny" traffic logs.

You may expand the traffic logs for the Millenium Server and share with us. From the traffic log viewer, we will come to know if that traffic is getting blocked by any of the security profiles ( as a false positive)  i.e vulnerability, spyware etc.

For an example:

traffic-logs.JPG

Thanks

Hulk,

Sorry to take so long.

I checked the Threat logs and filtered with millenium-ils and received a /General Exploit Host Webpage/ under the name column.

The signature ID is /37349/ Severity: High.

Under my custom VP profile, High is blocked.

Last week, I opened a ticket with PA, they gathered info.

This morning they got back to me.

They could not replicate the issue.

They are suggesting a debug (FW off-line).

VP 487 downloaded and installed Tuesday night with same results.

I created an exception on my VP profile to allow ID 37349.

This is where I stand at the moment....

Mike

Hello Mike,

Could you please let us know the case ID. To investigate this issue, PAN TAC should take below mentioned information:

---- A full session pcap for RX, TX, FWW, DROP all 4 stages in PAN firewall.

---- Flow-Basic, App-ID Basic.

---- pcap at the soucre and destination as well ( if possible)

---- session details (between source and destination)

--- >show session id xxxx

Thanks

Hulk,

[Case#: 00298164 ] - Millenium-ils app stopped working after content update

Mike

  • 3081 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!