Dear Friends, panos, panagent, HULK, hshah, Steven Puluka, hyadavalli, mmmccorkle,

I have a doubt regarding the PCI vulnerability scan and enabling the signature for the same. When the security team scanned our WAN interface, they found the below:

1. SSL Certificate - Self-Signed Certificate

VULNERABILITY DETAILS
CVSS Base Score: 9.4
CVSS Temporal Score: 6.9
Severity: 2
QID: 38169
Category: General remote services
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 05/25/2009

THREAT:
An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. In an SSL connection, the client authenticates the remote server using the server's Certificate and extracts the Public Key in the Certificate to establish the secure connection. The client can trust that the Server Certificate belongs to the server only if it is signed by a mutually trusted third-party Certificate Authority (CA). Self-signed certificates are created generally for testing purposes or to avoid paying third-party CAs. These should not be used on any production or critical servers. By exploiting this vulnerability, an attacker can impersonate the server by presenting a fake self-signed certificate. If the client knows that the server does not have a trusted certificate, it will accept this spoofed certificate and communicate with the remote server.

IMPACT:
By exploiting this vulnerability, an attacker can launch a man-in-the-middle attack.

SOLUTION:
Please install a server certificate signed by a trusted third-party Certificate Authority.

RESULT:
Certificate #0 emailAddress=support@paloaltonetworks.com,CN=localhost,OU=Support,O=Palo_Alto_Networks,L=Sunnyvale,ST=CA,C=US is a self signed certificate.

2. SSL Certificate - Signature Verification Failed Vulnerability
port 443/tcp over SSL

VULNERABILITY DETAILS
CVSS Base Score: 9.4
CVSS Temporal Score: 6.9
Severity: 2
QID: 38173
Category: General remote services
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 05/23/2009

3. SSL Certificate - Self-Signed Certificate
port 4443/tcp over SSL

VULNERABILITY DETAILS
CVSS Base Score: 9.4
CVSS Temporal Score: 6.9
Severity: 2
QID: 38169
Category: General remote services
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 05/25/2009

4. OpenSSH Local SCP Shell Command Execution Vulnerability (FEDORA-2006-056, Vmware-3069097-Patch, Vmware-9986131-Patch)

VULNERABILITY DETAILS
CVSS Base Score: 4.6
CVSS Temporal Score: 3.5
Severity: 3
QID: 115317
Category: Local
CVE ID: CVE-2006-0225
Vendor Reference: OpenSSH, FEDORA-2006-056, Vmware-3069097-Patch, Vmware-9986131-Patch
Bugtraq ID: 16369
Last Update: 06/17/2010

I have checked the below reference, "I Need help for SSLV3 disable", but it has not yet been answered. Please suggest a solution for the same. I am using PAN-OS 6.1.2.

Thanks in advance.

Regards,
Satish
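A small triage helper, added here as an example and not part of the original post or of any Palo Alto Networks tooling. It parses the DN string the scanner printed under RESULT and reproduces the two conditions behind the certificate findings (issuer equal to subject, and a CN of "localhost" that no client hostname will match), so the same check can be repeated after a CA-signed certificate is installed; the hostname fw-mgmt.example.net is a placeholder.

```python
"""Triage the management-interface certificate the way the scanner did."""
import socket
import ssl
from datetime import datetime, timezone


def parse_dn(dn):
    """Parse a 'key=value,key=value' DN string (the scanner's RESULT format) into a dict."""
    parts = {}
    for item in dn.split(","):
        key, _, value = item.partition("=")  # split on the first '=' only
        parts[key.strip()] = value.strip()
    return parts


def triage_cert(subject_dn, issuer_dn, expected_host, not_after=None, now=None):
    """Return the finding labels a client would hit for this certificate.

    expected_host is the name clients (and the scanner) connect to; the CN
    comparison is deliberately simplified and ignores subjectAltName, which
    the scanner output above does not show.
    """
    subject, issuer = parse_dn(subject_dn), parse_dn(issuer_dn)
    findings = []
    # Self-signed: issuer and subject name the same entity (the scanner's QID 38169).
    if subject == issuer:
        findings.append("self-signed")
    # CN=localhost can never match the address a client connects to.
    if subject.get("CN", "").lower() != expected_host.lower():
        findings.append("cn-mismatch")
    if not_after is not None:
        now = now or datetime.now(timezone.utc)
        if not_after <= now:
            findings.append("expired")
    return findings


def live_peer_cert(host, port=443):
    """Fetch the live certificate with full verification against the system trust store.

    A self-signed or otherwise untrusted certificate raises
    ssl.SSLCertVerificationError here, which is the condition a real client
    hits and the reason the scanner cannot verify the chain.
    """
    ctx = ssl.create_default_context()  # CERT_REQUIRED plus hostname checking
    with socket.create_connection((host, port), timeout=5) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()
```

live_peer_cert() needs network access and is only for re-checking the interface after the certificate is replaced; triage_cert() runs on the DN strings alone.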