Threat & Vulnerability Discussions
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Threat & Vulnerability Discussions
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
About Threat & Vulnerability Discussions

Welcome to the Threat and Vulnerability discussion forum. This forum exists as a resource for security professionals to discuss and share information pertaining to the topics of threats and vulnerabilities.
Not a LIVEcommunity member? Simply click here and register!

Discussions

Sinkhole dns-wildfire

How does the dns-wildfire threat category work? I've seen a log entry, but there isn't any traffic to the sinkhole IP. The action is sinkhole and reported as generic:malicious.domain1. I have confirmed that sinkhole does work for regular threat categ

...

mike406 by L2 Linker
  • 4136 Views
  • 1 replies
  • 0 Likes

Resolved! URL wildcard use

We have insufficent-content category blocked. And when trying to allow a specific url using wildcard i am having issues.

 

when *.figuringoutmelody.com is used it is allowed on port 80 only while ssl gets blocked. website seems to redirect form www.fig

...

image.png
image.png
raji_toor by L4 Transporter
  • 13032 Views
  • 2 replies
  • 0 Likes

C&C Traffic Direction re China Chopper

Hi,  sorry if this is a stupid question, maybe we need a Reddit-style "ELI5" forum ;o)

 

I have been turning a blind eye to a background hum of China Chopper alerts for some time, so I thought I would try to understand what is going on.  The thing is t

...

djr by L4 Transporter
  • 5559 Views
  • 2 replies
  • 0 Likes

Dynamic IP lists and FQDN?

The only type of external dynamic list i appear to be able to specify in my firewall policy is a dynamic IP list (not a dynamic domain list). And the formatting of such lists appears to be purely for IP addresses. So my question is, how can i specify

...

  • 511 Posts
  • 71 Subscriptions
Top Liked Authors