This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Threat & Vulnerability Discussions
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
Threat & Vulnerability Discussions
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
About Threat & Vulnerability Discussions

Welcome to the Threat and Vulnerability discussion forum. This forum exists as a resource for security professionals to discuss and share information pertaining to the topics of threats and vulnerabilities.
Not a LIVEcommunity member? Simply click here and register!

Discussions

Start a conversation

Need to Verify traffic.

Hello All,

 

I am using PA-820, i only have cli access to device. I will require to verify traffic from a particular source and destination on the device. Do we have any commands to do that ? May be something like packet tracer to get all the routes /

...

Increased FP's for Wildfire Viruses

Has anyone noticed an increase in the number of false-positives being generated by Wildfire in the last few weeks?

 

I seem to be getting a increased number of alerts for WF learnt viruses on apps that have never caused issues before.  Always worried t

...

apackard by L4 Transporter
  • 3944 Views
  • 2 replies
  • 0 Likes

Resolved! UltraSurf 18.02

Hi, I´m getting some trouble trying to block ultrasurf. First i blocked it with App-ID and everything was ok, until some users of the internal network downloaded a new version to avoid URL-filtering.

 

Summary of log

Application:SSL

Category:Unknown

NAT P

...

Understanding Security Profiles

 

PA newbie here!  I am digging in to the PA traffic processing algorithm & on the 4th leg of the process I see that the traffic is allowed at this point but gets scanned against the configured security profile.  This sounds like where IPS comes into

...

PA-v.PNG

add new Certificate for web APP

Good day!

  I tried to follow the steps to create SSL Inbound Inspection but after I added the certificate for the first application (EPOS it’s name) , it’s not showing inside decryption policy role, please check the below pictures to make the image c

...

1.png
2.png
o.othman by L0 Member
  • 2523 Views
  • 0 replies
  • 0 Likes

Blocking SMB Traffic

I was doing a review of some firewall policies and noticed the company I am consulting for is allowing all applications risk 1 through 3 from their trust to untrust zones.  Not sure why it's setup that way yet, but in doing so, SMB traffic is alllowe

...

ce1028 by L4 Transporter
  • 14736 Views
  • 8 replies
  • 0 Likes

Resolved! False Positive AV block

Hi,
Not sure if this is under the correct category but here we go.
I have a false positive in my FWs, I have a file called Pv7_00_169SetupFull.exe which the FWs are detecting as Virus/Win32.WGeneric.qxdip

If I upload and scan the file with VirusTotal it

...

GOTRIDA by L0 Member
  • 4337 Views
  • 1 replies
  • 0 Likes

Resolved! Thread-Log: Virus found

Hello,
under our Threat-Log I found some Virus entries. The Attacker is an own PC from another vlan. We want to install windows updates over Ivanti-Patchmanagement with the original windows update service. And now the maschine, which we will patch, wi

...

Resolved! Palo Alto Negate Object Meaning

Hi,

 

I have a question on Palo Alto negate object. If I have a allow rule that allow src zone A, src IP of 10.10.10.0/24 (Negate) to dst zone B, dest IP of ANY.

 

Does it mean that the rule is allowing other src IP (not including 10.10.10.0/24) from src

...

  • 488 Posts
  • 63 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks