10-28-2014 07:08 AM
10-28-2014 01:17 PM
Hi SLV,
Yes you are right, 6.0.6 has some time. As suggested 6.1.0 has fix.
Regards,
Hardik Shah
10-28-2014 02:00 PM
Hi Tigran,
What did TAC say ? Did they suggested same bug and solution ?
Regards,
Hardik Shah
10-30-2014 03:01 AM
Hi hshah,
Here is the answer
Hi Tigran,
Thank you for calling Palo Alto Networks. It was nice talking with you.
----------------------------------------------------------------------------------------
Issue Faced: Storage space on "/" partition was 98%
----------------------------------------------------------------------------------------
Steps Taken:
--I logged in as root and deleted the file in /var/log which was consuming lots of space
--This file logs failed SSH attemps and can increase in size during brute force attack.
--The issue is resolved in PAN-OS 6.1 and is tentatively scheduled to be resolved in PAN-OS 6.0.7 as well:
66208 A brute-force attack on an unprotected management interface on the firewall caused the /var/log/btmp log file to inflate and consume available disk space. With this fix, PAN-OS enables a log rotation function for failed SSH logins, such as those from brute-force attacks.
As discussed I will now proceed with case closure.
Thanks and Regards
Chetan Sharma
Technical Support Engineer
Shift Time : 2:00 PM – 11:00 PM CDT (GMT-5) Monday-Friday
Palo Alto Networks
10-30-2014 05:42 AM
Hi Tigran,
I am glad is same bug and same resolution. Let us know for additional queries.
Regards,
Hardik Shah
10-31-2014 02:39 AM
Ok, Thanks Hardik for Support.The Only thing i didn't get, why PAN doesn't give the clients the root accesses to root directory to clean the diskspace themselves?
Best
Tigran
10-31-2014 03:27 AM
Hello Tigran,
The root access is restricted to only TAC resources. :smileylaugh:
Thanks
10-31-2014 05:02 AM
Not sure why, but may be for security reason.
Thanks
10-31-2014 05:02 AM
I am sure having root access for end user will cause many extra problems.
10-31-2014 05:04 AM
but if there are more advanced Admins than me.I don't think that the disk space clean up is very difficult action 
)
Best
Tigran
10-31-2014 05:37 AM
Hi Tigran,
I think its not given because of security reasons.
Regards,
Hardik Shah
10-31-2014 05:47 AM
Hi Hardik,
I understood.But I think the groups of admins can full manage their devices and firewalls.Iinteresting if one of customers asks to give him full access, will it happen?
Thanks
Tigran
10-31-2014 08:52 AM
Hi,
root Access is a one time Password through Challenge/response method.
I am pretty sure that NO Customer will get the response generator. 😉
Even the Authorized Service Center don't get it.
Regards
Marco
10-31-2014 08:56 AM
Hi Tigran,
Root access is not given to end customer in any circumstances, that is good for end customer. There are some security reasons for that which even I dont know
Regards,
Hardik Shah
11-02-2014 11:00 PM
Hi Marco,Password through Challenge/response method.
I didn't get what does Password through Challenge/response method mean?Could you please explain?or give an example?
Thanks
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
