- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
02-26-2014 03:40 AM
Hello
I am testing wildfire with FW 6.0.0 and WF-500 6.0.0
I don't know what purpose 'download sample file' button and how to use.
Could someone please let me know it?
02-26-2014 04:31 AM
Hi cheon,
this sample was determined to benign. If you believe this verdict is incorrect, you can send a sample to PA for more analysis.
This could be done by "download file" then you can upload this sample to wildfire.paloaltonetworks.com
Cheers Klaus
02-26-2014 07:29 PM
Cheon,
The button and the function associated with it is to allow you to pull a copy of the file so that you can test if if you wish in a local environment.. You can also run your own antivirus or anti-malware tools against it. We sometimes run the software sample in a virtual environment of our own to better understand what the software does. This is quite useful for the spyware or adware like programs that may trigger a malicious rating. Often shareware or some utility software may trigger alerts as being malware any you may wish to run the software yourself in a safe and isolated environment. In our case we are not in the same location of the majority of our users so if we can emulate the event then we can better asses those borderline pieces of software and pass judgement on them. Hope this sheds some light,
Phil
02-27-2014 12:49 AM
Hi HITSSEC,
you are right. It is not to PA it is from PA to have the possibilties you mentioned. So my fault, sorry.
Cheers Klaus
02-27-2014 08:24 PM
Thanks for the answer.
I think the sample file does not equal the real PE , Office and PDF file.
So can WF-500 make from real file to sample file? How to sampling?
And I don't know how to use the sample file.
What software should i use for the sample file.
Please let me know way with example to use the sample file.
Cheon
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!