-
Welcome to the Threat and Vulnerability Discussion Board
Welcome to the Threat and Vulnerability Forum The purpose of this forum is to discuss security vulnerabilities...
03-27-2017 Posted by N/A0 Replies3 Likes5831 Views
-
SSH Proxy decryption disables vulnerability protection?
Hello everyone, I'm doing some tests with decryption and vulnerability protection. I configured NAT and securi...
02-03-2021 Posted by grenzi3 Replies0 Likes249 Views
-
Blocking external IP addresses and blacklists
Hi,I have some questions regarding the PAN-OS and blocking IP addresses.We are getting daily emails with lists...
10-30-2017 Posted by lukerath3 Replies0 Likes11094 Views
-
Automatic IP block-list PAN 8.0
Hello all,Iam wondering if there is any way to let's say block the IP address from a source for a set period o...
04-10-2018 Posted by ebenditt13 Replies0 Likes6051 Views
-
DNS Tunneling
Im trrying to detect dns tunneling with custom signatures.i have some snort rules to begin.some of you have an...
02-05-2020 Posted by Torito3 Replies0 Likes1078 Views
-
custom snort signature add the pattern if the context operat...
creating a custom snort signature on Palo alto Firewall but didn’t found the concern context operator for matc...
10-07-2020 Posted by Mohammed_Yasin3 Replies0 Likes766 Views
-
Need to disable SNMP setting from WF-500 private cloud
For vulnerability1) SNMP Agent Default Community Name (public) port - UDP 1612) SNMP 'GETBULK' Reflection DDoS...
02-17-2021 Posted by PankajDhobe0 Replies0 Likes93 Views
-
Virus/Win32.WGeneric.aeulpb (297499053)
Hi Community,We are seeing this signature in our environment forms-ds-smbv3 application. PAN is marking the in...
02-16-2021 Posted by Sahil_Arora5 Replies0 Likes279 Views
-
TCP timestamp response on MGMNT IP
In my case, the team is performing a vulnerability assessment on PA820Vulnerability Title:TCP timestamp respon...
02-09-2021 Posted by Mohammed_Yasin0 Replies0 Likes98 Views
-
Microsoft Directory Services/ms-ds-smbv3 - /Virus/Win32.WGen...
Hello,We are seeing so many alerts in the threat logs that are linked to:Virus/Win32.WGeneric.badouvName: Viru...
02-04-2021 Posted by Elhitti2 Replies3 Likes1080 Views
-
Vulnerability found on Firewall Need to address
Hi Team,We are getting following vulnerabilities on one of our PA Firewall. Kindly suggest the next PoA regard...
01-29-2021 Posted by SahulH5 Replies0 Likes352 Views
-
SkyVPN - Really a C2 threat?
Hi, I have just spotted a treat alert of SkyVPN C2 traffic (ID 18871) in my logs and looked at the entry on th...
03-31-2020 Posted by djr1 Replies0 Likes765 Views
-
Port Scans & Telnets on a PA running 8.0
I am new to the world of PA and next gen firewalls and took some online training. I discovered that in the Tra...
08-03-2018 Posted by MarioMarquez3 Replies0 Likes1625 Views
-
Microsoft Directory Services/ms-ds-smbv3 - Virus/Win32.WGene...
We are see numerous alarms from our SIEM from our Palo Alto firewall. Here is a copy of a scrubbed log message...
05-05-2020 Posted by NiganDong7 Replies0 Likes2955 Views
-
Zone protection on sub interfaces
Apologies if this is going over old ground but I have an issue with zone protection and am stumped trying to w...
02-01-2021 Posted by laurence640 Replies0 Likes90 Views
-
Anyone know where Palo is on NAT Slipstreaming V2?
Hello,Just curious if there is a definition for the new variant referenced here:https://www.armis.com/resource...
01-26-2021 Posted by silvioopt14 Replies2 Likes1433 Views
- Sahil_Arora on: Virus/Win32.WGeneric.aeulpb (297499053)
- mivaldi on: Microsoft Directory Services/ms-ds-smbv3 - /Virus/Win32.WGeneric.badouv
- grenzi on: SSH Proxy decryption disables vulnerability protection?
- mivaldi on: Vulnerability found on Firewall Need to address
- btenberge on: Best practice stopping attacks from outside
-
OtakarKlier
on:
Anyone know where Palo is on NAT Slipstreaming V2?
- mivaldi on: The production application triggered the "HTTP SQL Injection Attempt" threat alert, resulting in the
- t-katsuki on: About vulnerability protection and url filter action
- reaper on: To block unauthenticated inbounds connections by default.
- mivaldi on: Block hash value
