Threat & Vulnerability Discussions
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Threat & Vulnerability Discussions
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
About Threat & Vulnerability Discussions

Welcome to the Threat and Vulnerability discussion forum. This forum exists as a resource for security professionals to discuss and share information pertaining to the topics of threats and vulnerabilities.
Not a LIVEcommunity member? Simply click here and register!

Discussions

Resolved! Getting SMB brute force logs

hey, guys hope you are doing well One of my customer getting the logs of SMB: User Password Brute Force Attempt for a particular user as the user is connected to Global VPN to LAN the port 445 getting reset both traffic logs in threat logs all things

...

Zone protection flood thresholds

I get ICMP and UDP flood alert messages from my external zone protection profile all the time. It does not seem to impact production - but not totally sure on that though.

We just have 1 - 5220, no Panarama. Anyone have any advise as to how best to co

...

Resolved! DNS Security

Hello,

Is there any way to turn off the following information after commit on 9.0.1 with Anti-Spyware Profile attached to Security Policy?

I can't delete Palo Alto Networks DNS Security option from Anti-Spyware Profile.

 

Warnings

  • Warning: No Valid DNS Se
...

lcelinski by L1 Bithead
  • 26244 Views
  • 11 replies
  • 3 Likes

Vulnerability CVE 2021-3050

Hey, guys, one of my clients want the POA (Plan of Action) for this vulnerability what should I check in the firewall. I checked the Traffic WAN TO WAN the security Profiles are attached properly but the management IP is pvt i access the firewall by

...

case ID-01857601

Hi,

 

After executing below cmd we are not able access SSH 

 

> configure
# delete deviceconfig system ssh
# set deviceconfig system ssh ciphers mgmt aes256-ctr
# set deviceconfig system ssh ciphers mgmt aes256-gcm
# set deviceconfig system ssh default-hostk

...

Resolved! Colours Whatsapp Spyware

Hi

 

I am seeing these alerts GENERIC:COLORS.WHATSAP.TOP(345898629) on a regular basis recently, they start at random times and they persist for around an hour then drop.

 

Has anybody else seen this ? we have checked the host that is generating the aler

...

  • 507 Posts
  • 69 Subscriptions
Top Solution Authors
Top Liked Authors