Welcome to the Threat and Vulnerability Forum
The purpose of this forum is to discuss security vulnerabilities and threats. Palo Alto Networks believes that understanding todays threat landscape is critical to effectively detecting and preventing cyb
...
Hi, sorry if this is a stupid question, maybe we need a Reddit-style "ELI5" forum ;o)
I have been turning a blind eye to a background hum of China Chopper alerts for some time, so I thought I would try to understand what is going on. The thing is t
...
I have Googled this and read up on numerous links, but I cannot find anything of value on this threatID. I have 30-40 events a day from various IP addresses on my network, usually 1 event per IP, sometimes 2 events. I have scanned several of the PC
...
I configured a URL filering profile that doesnt filter any topic & just blocks 2 URL's as a test. This was working a few days ago but stopped. There have been no new changes commited since & the security policy is still in the same order. Even loo
...
Hi,
When the Palo Alto blocks a communication that is flags as a threat (ie: SQL Injection, XSS, etc.), should we investigate the target IP to make sure that the threat was blocked? The reason I'm asking is that whenever the Palo Alto blocks an attac
...
The only type of external dynamic list i appear to be able to specify in my firewall policy is a dynamic IP list (not a dynamic domain list). And the formatting of such lists appears to be purely for IP addresses. So my question is, how can i specify
...
Hi Community.
The below article states that "The Antivirus profile has decoders that detect and prevent viruses and malware from being transferred over six protocols: HTTP, SMTP, IMAP, POP3, FTP, and SMB":
https://www.paloaltonetworks.com/documentati
...
Hello folks,
Curious if others have been getting a ton of alerts for this threat like we have?
Anyone have a goto website for reading up about latest threats or researching certain CVE?
I defined two miners - Alient_Vault_Reputation and Bambenek_Consulting - and assigned them to the appropriate processor and output. I then added them to a global deny rule in PA.
Are there any other recommended prototypes with a high reputation to ad
...
All 3 are using same antivirus profile. While the informational shows as block, high shows as allow. Its only for smtp that .exe files are set to be blocked. All is set to drop.
Hi all,
Does anyone know how to directly interact with the URL filtering team besides urlfiltering.paloaltonetworks.com? I would especially like to reach a manager. I am having huge problems with them. I keep submitting sites on which scanners hav
...
Hi Expert ,
Please suggest to me about how to avoid CVE-2018-11776 what are affecting about this vulnerability also palo alto firewall can detect or prevent CVE-2018-11776 ?
Thank you
Use case : Ours users go through Palo alto for internet access. Decryption feaures has been enabled.
When users try to access to internet may failed because the decryption-error.
We need a solution to automate URL SSL decryption exclusion and log urls
HI All,
We detected Vulnerability: 36926 ID- GnuTLS Server Hello Session ID Heap Buffer Overflow in Palo Alto firewall. In our cutomers Firewall enviroment we not enable the SSL Descryption Feature.
Customers Queries us.. How and Why Palo Alto able
...
Hello everyone,
Im trying to find out if its possible to block all countries except for two - United States and India easily. The only way we can see right now is to go country by country adding them into the list. Can someone please assist if the
...
Hi,
We are faced with the connectivity issue when we tried to download the URL filtering DB from PAN-DB. As the firewall has an external interface to the internet, we have changed the service route for “Palo Alto Networks Services” to the external in
...
OtakarKlier
on:
Denial of Service Investigating
