Threat & Vulnerability Discussions

Threat blocked by Palo Alto: Is there anything else to do?

Hi,

When the Palo Alto blocks a communication that is flags as a threat (ie: SQL Injection, XSS, etc.), should we investigate the target IP to make sure that the threat was blocked? The reason I'm asking is that whenever the Palo Alto blocks an attac

Dynamic IP lists and FQDN?

The only type of external dynamic list i appear to be able to specify in my firewall policy is a dynamic IP list (not a dynamic domain list). And the formatting of such lists appears to be purely for IP addresses. So my question is, how can i specify

Recommended MineMeld prototypes/miners?

I defined two miners - Alient_Vault_Reputation and Bambenek_Consulting - and assigned them to the appropriate processor and output. I then added them to a global deny rule in PA.

Are there any other recommended prototypes with a high reputation to ad

URL Filtering Team creating MORE of a risk

Hi all,

Does anyone know how to directly interact with the URL filtering team besides urlfiltering.paloaltonetworks.com?  I would especially like to reach a manager.  I am having huge problems with them.  I keep submitting sites on which scanners hav

How to avoid and prevention about CVE-2018-11776 with palo alto firewall

Hi Expert ,

Please suggest to me about how to avoid CVE-2018-11776  what are affecting about this vulnerability also palo alto firewall can detect or prevent CVE-2018-11776  ? 

Thank you 

SSL DERYPTION : How to automate URL/domaine decryption Exclusion properly?

Use case : Ours users go through Palo alto for internet access. Decryption feaures has been enabled.
When users try to access to internet may failed because the decryption-error.
We need a solution to automate URL SSL decryption exclusion and log urls

How Palo Alto Networks Identifies GnuTLS Server Hello Session ID Heap Buffer Over Without Decryption

HI All,

We detected Vulnerability: 36926 ID- GnuTLS Server Hello Session ID Heap Buffer Overflow in Palo Alto firewall.  In our cutomers Firewall enviroment we not enable the SSL Descryption Feature.

Customers Queries us.. How and Why Palo Alto able

PAN-DB Connectivity

Hi,

We are faced with the connectivity issue when we tried to download the URL filtering DB from PAN-DB. As the firewall has an external interface to the internet, we have changed the service route for “Palo Alto Networks Services” to the external in

how to integrate x force free feeds with minemled?

Need to Verify traffic.

Hello All,

I am using PA-820, i only have cli access to device. I will require to verify traffic from a particular source and destination on the device. Do we have any commands to do that ? May be something like packet tracer to get all the routes /

Increased FP's for Wildfire Viruses

Has anyone noticed an increase in the number of false-positives being generated by Wildfire in the last few weeks?

I seem to be getting a increased number of alerts for WF learnt viruses on apps that have never caused issues before.  Always worried t