Threat & Vulnerability Discussions
cancel
Showing results for 
Search instead for 
Did you mean: 
Threat & Vulnerability Discussions
About Threat & Vulnerability Discussions

Welcome to the Threat and Vulnerability discussion forum. This forum exists as a resource for security professionals to discuss and share information pertaining to the topics of threats and vulnerabilities.
Not a LIVEcommunity member? Simply click here and register!

Forum Posts

DNSProxy - Resolve-Fail - cpsc.gov

Warning: very new to PANOS. I'm seeing a TON of these messages, to the tune of about 2-300 per second in my system log: Failed to resolve domain name: cpsc.gov after trying all attempts to name server(s): mynameserverinternalip. I've read that this d...

HavisIT by L0 Member
  • 3024 Views
  • 0 replies
  • 5 Likes

Flurry of Ramnit Detections

Around 04:00-05:00 yesterday my users triggered a series of ramnit detections which were blocked, but when I looked at the logs it seems a bit unclear. The threat logs are reporting that the file postprocess.dll carried the malware, but tying the URL...

djr by L3 Networker
  • 1723 Views
  • 0 replies
  • 0 Likes

Tcp flood

Hi,today from 15.10 to 16.10 I received more than 15600 calls from the same IP. The Windows 2012 server already has a function against SYN ATTACK and TCP FLOOD, and I see it on the tcp-rst-from-server log monitor, but they are very small compared to ...

attacco.jpg
flood.jpg
s_quasar by L3 Networker
  • 6400 Views
  • 2 replies
  • 0 Likes

Office 365 - Poodle Vunerabilties

Threat ID - 37144 Question or insight about Microsoft practices with not hardening against poodle. Why am I still getting alerts for these vulnerabilities, is it because I don't have proper SSL forward proxy yet enabled? Or is it because my Office 36...

CZaloba by L1 Bithead
  • 1754 Views
  • 0 replies
  • 0 Likes

ACC risk factor

Looking at our ACC tab, I see that SMTP traffic has a risk of 5. We only accept SMTP from our Symantec.cloud smart host. It is then decrypted coming into our firewall and scanned again. We do not decrypt outgoing SMTP, but we do have an anti-virus sc...

Resolved! Cascading URL Filters?

To the world, creating Security rule for a specific user (call it, a rule to permit access dodgy website access), what's involved in "cascading" the rule - so, if there's no matches on that rule, that same user would be challenged against a General W...

CVE-2017-6770

Hi , I would like to know whether Palo alto able to detect this CVE-2017-6770 since i cant find this in threatvault . Is there any preventive solution from Palo Alto to safely guard this vulnerable from being taken advantage of? Thanks.

Top Solution Authors
Top Liked Authors