Threat & Vulnerability Discussions
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
About Threat & Vulnerability Discussions

Welcome to the Threat and Vulnerability discussion forum. This forum exists as a resource for security professionals to discuss and share information pertaining to the topics of threats and vulnerabilities.

Discussions

NetBIOS in today's world

Hi Community,

I'm curious about your opinions on NetBIOS traffic.

I'm aware that you can disable NetBIOS per interface via ncpa.cpl or via DHCP options.

With typical customers and current systems, you still see NetBIOS connection between Windows sys

...

Chacko42 by L4 Transporter
  • 1892 Views
  • 2 replies
  • 0 Likes

Content-ID - Hold Client Request

Hi All,

I'm curious to know how many of you have implemented the URL Filtering best practice, Content-ID - 'Hold client request for category lookup' feature? This feature is of particular interest to me because without this feature, the logs of other

...

Josh990 by L2 Linker
  • 1681 Views
  • 0 replies
  • 0 Likes

Resolved! Possible false positive C2 traffic

Hello,

Starting on 31st of October, following the threat and content update 8480-7019, we noticed that traffic to WordPress sites ending in the URL wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js is being flagged as generic C2 traffic. Che

...

Certificate vulnerabilities

I have found several of my network devices are showing up within our vulnerability management scanner with "X.509 Certificate Subject CN does not match the entity name" as a vulnerability. This is more than likely a DNS issue as I do not have any netwo

...

mcruz10 by L0 Member
  • 2340 Views
  • 2 replies
  • 0 Likes

Resolved! Getting SMB brute force logs

Hey guys, hope you are doing well. One of my customers is getting the logs of SMB: User Password Brute Force Attempt for a particular user as the user is connected to Global VPN to LAN the port 445 getting reset both traffic logs in threat logs all things

...
