This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

jpeg file blocking download error

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

jpeg file blocking download error

Go to solution
CHOE-KyungJun
L3 Networker

‎04-14-2022 01:30 AM

Dear Team,

 

I am doing a file blocking test for the jpeg file format.

When uploading a jpeg, it is recognized as a unique threat id below, and I can control it as I want.

 

Name: JPEG File Upload
> Unique Threat ID: 52097

URL : https://threatvault.paloaltonetworks.com/?query=52097

loglog

profile2.jpg

But I want to control jpeg download.

 

For testing, I set it to 'all alert' and continued to download the jpg file.

 

But jpeg download doesn't seem to be detected.

 

I have set the decryption and can control other formats

 

I also tested the dynamic version after changing it.

 

i want to know the solution

 

Thanks in advance,
Kyungjun,

1 person had this problem.
(1)
1 accepted solution

Accepted Solutions

Go to solution
CHOE-KyungJun
L3 Networker

‎05-11-2022 11:35 PM

The 'jpeg' file type was deprecated a long time ago and I've confirmed that now only "jpeg-uploading" is used.

View solution in original post

0 Likes Likes
4 REPLIES 4

Go to solution
LAYER_8
L5 Sessionator

‎04-14-2022 01:12 PM

Are you blocking the app QUIC? Does the destination server use cert pinning or ESNI? 

 

There are many reasons why decryption could be unsuccessful for that session. What does the packet capture tell you?

Help the community! Add tags and mark solutions please.

Go to solution
CHOE-KyungJun
L3 Networker
In response to LAYER_8

‎04-14-2022 07:03 PM - edited ‎04-15-2022 01:38 AM

@LAYER_8 

Dear slick

Thank you for your comment

I blocked quic itself in chrome. Also, 'jpeg-upload' works normally on the same server.

I've also tested it in other browsers, but it doesn't solve the problem.

I think there is a problem with 'jpeg'.

Please let me know if anyone is normally controlled when only jpeg is set in file blocking.

0 Likes Likes

Go to solution
LAYER_8
L5 Sessionator

‎04-19-2022 09:36 AM

You may or may not have received this email (please note that second bullet under detailed instructions, it is the kicker):

 

Dear Palo Alto Networks Super User & Domain Administrator,
You’re receiving this email because you’re a Super User or Domain Administrator of a Palo Alto Networks account.
As part of our continuous security enhancements, your teams’ accounts will need to be updated to meet enhanced security requirements. Key changes include:
  1. Users will require Multi-Factor Authentication
  2. Password will need to be changed every 365 days
  3. If a user enters incorrect passwords 5 times, their account will be locked out for 15 mins
Detailed Instructions
  • Starting April 14th, 2022, users will be prompted to change their passwords. Password policy requirements: a) minimum 11 characters, b) at least one each of uppercase, lowercase, numbers, and special characters.
  • Multi-Factor Authentication (MFA) is crucial to protect data against credential theft and damage. When users login on or after April 14th, they will be asked to enter an MFA verification code, which they will receive in their registered email every time they login.
  • Two weeks prior to April 14th, we will send your users a separate email notifying them of these changes and using MFA
  • In case you have issues, please reach out to our team at Contact Support, or open a support case at https://support.paloaltonetworks.com.
Thank you!
Palo Alto Networks
www.paloaltonetworks.com
 
We haven't gotten a clear response from our IT org why this is better/more secure than an auth app.
Help the community! Add tags and mark solutions please.
0 Likes Likes

Go to solution
CHOE-KyungJun
L3 Networker

‎05-11-2022 11:35 PM

The 'jpeg' file type was deprecated a long time ago and I've confirmed that now only "jpeg-uploading" is used.

0 Likes Likes
  • 1 accepted solution
  • 2723 Views
  • 4 replies
  • 2 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks