This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew

About Remo

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Remo
‎11-26-2025
since ‎03-20-2013
L7 Applicator
User Activity
User Profile
Latest posts by Remo
View All
User Badges
Community Statistics
Member Since ‎03-20-2013 04:23 AM
Date Last Visited ‎11-26-2025 01:29 PM
Posts 2,247
Total Likes Received 813

Re: SSL decryption issue for Windows Store

by in General Topics
‎12-17-2019 11:32 AM
‎12-17-2019 11:32 AM
@MP18 this is actually a goos question. From my side I can only say, that I did not test with *.microsoft.com as the requirement was to configure exceptions as accurate as possible.   Unfortunetely with these exact URLs there is the downside that - as we found out - they change with (not all) new microsoft versions of windows 10. ... View more

Re: Zero Day vulnerability in Google Chrome (CVE-2019-13720, CVE-2019-13721 )

by in General Topics
‎12-17-2019 11:27 AM
‎12-17-2019 11:27 AM
FYI: With the emergency content update 8218 released today, there is now a vulnerability signature for CVE-2019-13720. ... View more

Slow SMB Transfer (and everything else slow) over Global Protect VPN

by in General Topics
‎12-13-2019 06:32 AM
‎12-13-2019 06:32 AM
Hi community   Do you also have issues with low transferrates over globalprotect VPN? And maybe already have a solution for this?   I tested the following setup Client connected with GBit LAN to the internal network without VPN Client connected with Gbit LAN to the GP gateway Client connected to the internal network with MTU set to 1400 (like with GP) and Bandwidth limited with a WAN simulator to 200 Mbit and a delay of 6 ms in both directions Client connected to the GP gateway with a Bandwidth of max 200 Mbit and a delay of 6 ms in both directions Without Globalprotect my tests with iperf and SMB always show that every available bit of bandwith is used for the transfers. As soon as I am connected to Globalprotect the tranferrates drop - in some cases dramatically. The worst was with GP connected on the Gbit link. With SMB I was only able to copy (large) files with max 6 MByte/s.   Globalprotect version used is 5.0.5.   Any help is really appreciated! Regards, Remo ... View more

Re: External Dynamic List Issue OS 9.0.4

by in General Topics
‎12-04-2019 01:28 AM
‎12-04-2019 01:28 AM
Hi @Lakshitha    If you open this URL, all you get is a http 404 error because of some URL encoded characters at the end of your url Try this URL: https://panwdbl.appspot.com/lists/bruteforceblocker.txt   Regards, Remo ... View more

Re: Applications and Threats Content version 8202 and 8203 release notes

by in General Topics
‎12-02-2019 04:12 AM
1 Kudo
‎12-02-2019 04:12 AM
1 Kudo
@Manjunath_V  In 8203 there are no modified applications ... View more

Re: Applications and Threats Content version 8202 and 8203 release notes

by in General Topics
‎12-02-2019 03:26 AM
1 Kudo
‎12-02-2019 03:26 AM
1 Kudo
Applications and Threats Content Release Notes Version 8202 - Part 2 Disabled Anti-Spyware Signatures (1) Severity ID Attack Name Default Action Minimum PAN-OS Version Maximum PAN-OS Version critical 11001 Cobalt Strike Command and Control Traffic Detection reset-both 7.1.0   New Vulnerability Signatures (50) Severity ID Attack Name CVE ID Vendor ID Default Action Minimum PAN-OS Version Maximum PAN-OS Version critical 40109 Compal CH7465LG Improper Input Validation Brute-Force Attempt Detection CVE-2019-13025   alert 6.1.0   critical 56579 Microsoft Internet Explorer Memory Corruption Vulnerability CVE-2014-0275 MS14-010 alert 7.1.0   critical 56580 Microsoft Internet Explorer Memory Corruption Vulnerability CVE-2014-0303 MS14-012 alert 7.1.0   critical 56581 Microsoft Internet Explorer Use-After-Free Vulnerability CVE-2014-0283 MS14-010 alert 7.1.0   critical 56582 Mozilla Firefox WebIDL Implementation Privilege Escalation Vulnerability CVE-2014-1510 CVE-2014-1511   alert 7.1.0   high 56584 Advantech WebAccess SCADA webeye ActiveX ip_addr Parameter Buffer Overflow Vulnerability CVE-2014-8388   alert 7.1.0   critical 56593 Microsoft Internet Explorer Memory Corruption Vulnerability CVE-2014-0282 MS14-035 alert 7.1.0   high 56603 Microsoft Office Bad Index Remote Code Execution Vulnerability CVE-2014-6334 MS14-069 alert 7.1.0   high 56617 Squid Proxy Digest Authentication Denial-of-Service Vulnerability CVE-2019-12525   alert 7.1.0   critical 56666 SaltStack Salt SQL Injection Vulnerability CVE-2019-1010259   alert 7.1.0   high 56669 D-Link Routers Remote Command Execution Vulnerability CVE-2019-16920   reset-both 7.1.0   critical 56670 WhatsApp Remote Code Execution Vulnerability CVE-2019-11932   alert 7.1.0   high 56671 Advantech WebAccess SCADA Bwgetval Arbitrary File Deletion Vulnerability CVE-2019-13552   alert 7.1.0   critical 56672 Cisco Smart Switch Remote Code Execution Vulnerability CVE-2019-1912 CVE-2019-1913 CVE-2019-1914   reset-both 7.1.0   high 56675 phpIPAM SQL Injection Vulnerability CVE-2019-16692   alert 7.1.0   medium 56676 Eclipse Mosquitto MQTT SUBSCRIBE Topic Stack Overflow Vulnerability CVE-2019-11779   alert 8.1.0   high 56679 NPMJS Gitlabhook Remote Command Injection Vulnerability CVE-2019-5485   alert 7.1.0   high 56680 File Sharing Wizard Buffer Overflow Vulnerability CVE-2019-16724   alert 7.1.0   critical 56687 Apache Karaf XML External Entity Injection Vulnerability CVE-2018-11788   alert 7.1.0   high 56690 Cisco RV110W OS Remote Command Injection Vulnerability CVE-2014-0683 CVE-2015-6396   reset-both 7.1.0   critical 56691 Eaton Intelligent Power Manager File Inclusion Vulnerability CVE-2018-12031   alert 7.1.0   medium 56693 Metasploit VxWorks WDB Agent Scanner Detection     alert 7.1.0   critical 56695 Sapplica Sentrifugo SQL Injection Vulnerability CVE-2018-15873   alert 7.1.0   high 56697 Microsoft Jet Database Engine Remote Code Execution Vulnerability CVE-2019-1243   alert 7.1.0   critical 56698 Joomla! Social Factory SQL Injection Vulnerability CVE-2018-17385   alert 7.1.0   critical 56703 CWJoomla Multiple Products SQL Injection Vulnerability CVE-2018-14592   alert 7.1.0   critical 56704 Compal CH7465LG Improper Input Validation Vulnerability CVE-2019-13025   alert 7.1.0   informational 56705 Compal CH7465LG Improper Input Validation Attempt     allow 7.1.0   critical 56707 LibreNMS Command Execution Vulnerability CVE-2018-20434   alert 7.1.0   critical 56708 Joomla Article Factory Manager SQL Injection Vulnerability CVE-2018-17380   alert 7.1.0   high 56709 Harbor Project Privilege Escalation Vulnerability CVE-2019-16097   alert 7.1.0   critical 56711 Joomla Jobs Factory SQL Injection Vulnerability CVE-2018-17382   alert 7.1.0   critical 56715 Joomla AlphaIndex Dictionaries Component SQL Injection Vulnerability CVE-2018-17397   alert 7.1.0   critical 56716 CMS ISWEB 3.5.3 SQL Injection Vulnerability CVE-2018-14956   alert 7.1.0   critical 56717 ZLDNN DNNArticle Information Disclosure Vulnerability CVE-2018-9126   alert 7.1.0   high 56720 Drupal Avatar Uploader Information Disclosure Vulnerability CVE-2018-9205   alert 7.1.0   critical 56721 E-Negosyo System SQL Injection Vulnerability CVE-2018-18801   alert 7.1.0   high 56725 Microsoft Jet Database Engine Remote Code Execution Vulnerability CVE-2019-1250   alert 7.1.0   high 56726 Adobe Reader Memory Corruption Vulnerability CVE-2019-7111 APSB19-17 alert 7.1.0   critical 56731 Joomla Swap Factory SQL Injection Vulnerability CVE-2018-17384   alert 7.1.0   high 56745 Redis HyperLogLog hllCount Stack Buffer Overflow Vulnerability CVE-2019-10193   alert 7.1.0   critical 56784 Cisco IOS XE WebUI Command Injection Vulnerability Vulnerability CVE-2019-12651   alert 7.1.0   critical 56803 Socomec DIRIS A-40 Information Disclosure Vulnerability CVE-2019-15859   alert 7.1.0   high 56804 HP Intelligent Management Center Code Execution Vulnerability CVE-2019-11956   alert 7.1.0   high 56805 Jenkins Script Security Plugin Sandbox Bypass Vulnerability CVE-2019-10393 CVE-2019-10394 CVE-2019-10399 CVE-2019-10400   alert 7.1.0   high 56808 Microsoft Jet Database Engine Remote Code Execution Vulnerability CVE-2019-1249   alert 7.1.0   critical 56809 vBulletin Remote Code Execution Vulnerability CVE-2019-17132   alert 7.1.0   critical 56813 HPE Intelligent Management Center AMF3 Externalizable Deserialization Vulnerability CVE-2019-11944   alert 7.1.0   critical 56816 Pulse Secure Platform Stack-Based Buffer Overflow Vulnerability CVE-2019-11542   alert 7.1.0   high 56817 Microsoft Windows HTTP2 Data Dribble Denial-of-Service Vulnerability CVE-2019-9511   alert 9.0.0   Modified Vulnerability Signatures (9) Severity ID Attack Name CVE ID Vendor ID Default Action Change Minimum PAN-OS Version Maximum PAN-OS Version high 31606 Apple Safari for Windows and Internet Explorer Combined Code Execution Vulnerability CVE-2008-2540   alert improved detection logic to address a possible fp issue 7.1.0   high 38767 FortiOS Cookie Parser Buffer Overflow Vulnerability CVE-2016-6909   alert improved detection logic to cover a new exploit 7.1.0   low 39868 Suspicious HTTP Evasion Found     alert improved detection logic to address a possible fp issue 7.1.0   critical 40781 Oracle WebLogic Server Java Deserialization Vulnerability CVE-2016-3510 CVE-2016-0638   alert updated associated metadata information 7.1.0   critical 40799 Oracle WebLogic Server Java Deserialization Vulnerability CVE-2016-3510 CVE-2016-0638   alert updated associated metadata information 7.1.0   critical 54503 Microsoft SMB Client Response Parsing Vulnerability CVE-2010-0476 MS10-020 alert improved detection logic to address a possible fp issue 7.1.0   critical 55807 Microsoft Internet Explorer Use-After-Free Vulnerability CVE-2014-1772 MS14-035 alert improved detection logic to cover a new exploit 7.1.0   high 56245 Apache Solr Remote Code Execution Vulnerability CVE-2019-0193   alert improved detection logic to cover a new exploit 7.1.0   critical 56632 vBulletin Remote Code Execution Vulnerability CVE-2019-16759   alert improved detection logic to cover a new exploit 7.1.0   Disabled Vulnerability Signatures (2) Severity ID Attack Name CVE ID Vendor ID Default Action Minimum PAN-OS Version Maximum PAN-OS Version critical 33344 Adobe Reader Memory Corruption Vulnerability CVE-2017-11231 APSB17-24 alert 7.1.0   high 36856 Mozilla Firefox SharedWorker MessagePort Handing Memory Corruption Vulnerability CVE-2014-1548   alert 7.1.0     ... View more

Re: Applications and Threats Content version 8202 and 8203 release notes

by in General Topics
‎12-02-2019 03:09 AM
‎12-02-2019 03:09 AM
Applications and Threats Content Release Notes Version 8202 - Part 1   Modified Applications (15) Risk Name Category Subcategory Technology Type of Change Change Depends On Minimum PAN-OS Version 3 backblaze-backup business-systems storage-backup client-server expanded coverage; metadata change from web-browsing to backblaze-backup; Added ssl and web-browsing in Implicit-use-application ssl, web-browsing 6.1.0 2 chrome-remote-desktop networking remote-access browser-based expanded coverage; metadata change from ssl, web-browsing to chrome-remote-desktop; Removed jabber from use-application; Added rtp as use-application google-base, rtp-base, stun 6.1.0 2 cisco-spark-audio-video (functional) collaboration voip-video peer-to-peer metadata change Extended UDP timeout to 3600s. stun 6.1.0 1 cisco-spark-base collaboration social-business browser-based metadata change Extended UDP timeout to 3600s. ssl, web-browsing, webex-base, websocket 6.1.0 2 cisco-spark-file-transfer (functional) collaboration social-business browser-based metadata change Extended UDP timeout to 3600s. cisco-spark-base, jungledisk, ssl, web-browsing 6.1.0 2 h.225 collaboration voip-video client-server expanded coverage from unknown-tcp to h.225   6.1.0 5 hamachi networking encrypted-tunnel peer-to-peer removed false positive from hamachi to unknown-udp web-browsing 6.1.0 2 instagram-base media photo-video client-server metadata change Added Web-browsing in Implicit-use-application apple-maps, google-maps, ssl, web-browsing 6.1.0 2 instagram-upload (functional) media photo-video client-server expanded coverage; metadata change from instagram-base,facebook-base to instagram-upload; Added ssl and web-browsing in Implicit-use-application apple-maps, google-maps, instagram-base, ssl, web-browsing 6.1.0 2 ldap business-systems auth-service client-server expanded coverage from insufficient-data to ldap   6.1.0 2 ms-wmi (functional) business-systems management client-server expanded coverage from msrpc to ms-wmi msrpc-base 6.1.0 2 slack-base collaboration social-business browser-based expanded coverage from web-browsing, websocket to slack-base ssl, web-browsing, websocket 6.1.0 2 telegram collaboration instant-messaging client-server expanded coverage from unknown-udp to telegram ssl, web-browsing 6.1.0 3 webex-base collaboration internet-conferencing client-server metadata change Extended UDP timeout to 3600s. cisco-spark-base, rtcp, rtp-base, ssl, stun, web-browsing 6.1.0 3 webex-desktop-sharing (functional) collaboration internet-conferencing client-server metadata change Extended UDP timeout to 3600s. ssl, web-browsing, webex-base 6.1.0 Modified Decoders (4) Name http http2 msrpc smb New Anti-Spyware Signatures (24) Severity ID Attack Name Default Action Minimum PAN-OS Version Maximum PAN-OS Version critical 85350 Cobalt Strike Beacon Command and Control Traffic Detection reset-both 7.1.0   informational 85386 Trojan.Gafgyt Command and Control Traffic Detection alert 7.1.0   informational 85388 Trojan.Gafgyt Command and Control Traffic Detection alert 7.1.0   informational 85389 Trojan.Gafgyt Command and Control Traffic Detection alert 7.1.0   informational 85391 Trojan.Gafgyt Command and Control Traffic Detection alert 7.1.0   informational 85393 Trojan.Gafgyt Command and Control Traffic Detection alert 7.1.0   informational 85396 Trojan.Gafgyt Command and Control Traffic Detection alert 7.1.0   informational 85398 Trojan.Gafgyt Command and Control Traffic Detection alert 7.1.0   informational 85400 Trojan.Gafgyt Command and Control Traffic Detection alert 7.1.0   informational 85402 Trojan.Gafgyt Command and Control Traffic Detection alert 7.1.0   informational 85403 Trojan.Gafgyt Command and Control Traffic Detection alert 7.1.0   informational 85404 Trojan.Gafgyt Command and Control Traffic Detection alert 7.1.0   informational 85405 Trojan.Gafgyt Command and Control Traffic Detection alert 7.1.0   informational 85407 Trojan.Zegost Command and Control Traffic alert 7.1.0   critical 85447 NetWire RAT Command and Control Traffic Detection reset-both 7.1.0   critical 85448 Pony Command and Control Traffic Detection reset-both 7.1.0   critical 85449 JackFruit Command and Control Traffic Detection reset-both 7.1.0   critical 85450 MuddyWater Command and Control Traffic Detection reset-both 7.1.0   critical 85457 AZORult Command and Control Traffic Detection reset-both 7.1.0   critical 85458 Amadey Botnet Command and Control Traffic Detection reset-both 7.1.0   critical 85459 MasterMana Command and Control Traffic Detection reset-both 8.1.0   critical 85460 MasterMana Command and Control Traffic Detection reset-both 7.1.0   medium 85461 Generic Trojan Command and Control Traffic Detection reset-both 7.1.0   critical 85467 Casbaneiro Command and Control Traffic Detection reset-both 7.1.0   Modified Anti-Spyware Signatures (103) Severity ID Attack Name Default Action Change Minimum PAN-OS Version Maximum PAN-OS Version medium 18019 X.509 Extensions Channel Command and Control Traffic Detection alert improved detection logic to address a possible fp issue 7.1.0   critical 80060 Wells Fargo Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 80061 NBC Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 80062 Microsoft Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 80063 Gmail Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 80064 AOL Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 80065 PayPal Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 80066 Fifth Third Bank Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 83087 Webshell.PHP.tennc.Chinese_Hackers Command And Control Traffic Detection reset-both updated associated metadata information 7.1.0   critical 83088 Webshell.PHP.xl7dev.Silic_Group_Hacker_Army Command And Control Traffic Detection reset-both updated associated metadata information 7.1.0   critical 83089 Webshell.PHP.Johntroony.SimShell_1.0 Command And Control Traffic Detection reset-both updated associated metadata information 7.1.0   critical 83090 Webshell.PHP.tennc.b374k_2.1 Command And Control Traffic Detection reset-both updated associated metadata information 7.1.0   critical 83091 Webshell.PHP.JohnTroony.aZRaiLPhp_v1.0 Command And Control Traffic Detection reset-both updated associated metadata information 7.1.0   critical 83092 Webshell.PHP.mattiasgeniar.b374k_2.2 Command And Control Traffic Detection reset-both updated associated metadata information 7.1.0   critical 83093 Webshell.PHP.ysrc.Chinese_Hackers Command And Control Traffic Detection reset-both updated associated metadata information 7.1.0   critical 83094 Webshell.PHP.ysrc.F4ckTeam Command And Control Traffic Detection reset-both updated associated metadata information 7.1.0   critical 83095 Webshell.PHP.ysrc.Mysql_BackDoor Command And Control Traffic Detection reset-both updated associated metadata information 7.1.0   critical 83097 Webshell.PHP.ysrc.b1u3b0y Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83098 Webshell.PHP.ysrc.ExpDoor.com Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83099 Webshell.PHP.ysrc.MetalSoft_Hackers_Team_1.1 Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83100 Webshell.PHP.tennc.sky_oot Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83101 Webshell.PHP.ysrc.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83102 Webshell.PHP.tennc.Deface_Keeper_0.2 Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83103 Webshell.PHP.JohnTroony.NTDaddy_v1.9 Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83104 Webshell.PHP.xl7dev.oTTo Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83105 Webshell.PHP.xl7dev.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83108 Webshell.PHP.ysrc.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83109 Webshell.PHP.ysrc.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83110 Webshell.PHP.tennc.C37_Shell_v1.1 Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83111 Webshell.PHP.ysrc.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83112 Webshell.PHP.bartblaze.GaZa Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83113 Webshell.PHP.ysrc.egy_spider Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83114 Webshell.PHP.bartblaze.RevSlideR_2015 Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83117 Webshell.PHP.bartblaze.INDRAJITH_SHELL_v.2.0 Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83118 Webshell.PHP.tanjiti.devilzShell Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83119 Webshell.PHP.ysrc.Kacak_FSO_1.0 Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83120 Webshell.PHP.tanjiti.Devil_shell_v2.0 Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83121 Webshell.PHP.mattiasgeniar.Rebels_Mailer Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83122 Webshell.PHP.tanjiti.Mauritania_Attacker_and_Virusa_Worm Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83123 Webshell.PHP.tdifg.Mexican_WebShell_PHP Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83124 Webshell.PHP.tanjiti.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83125 Webshell.PHP.mattiasgeniar.Pro_Mailer_V2 Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83126 Webshell.PHP.mattiasgeniar.team_p Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83127 Webshell.PHP.tennc.MumaSec Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83128 Webshell.PHP.tennc.Shor7cut Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83129 Webshell.PHP.tanjiti.iMHaBiRLiGi Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83134 Webshell.PHP.tdifg.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83135 Webshell.PHP.ysrc.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83136 Webshell.PHP.ysrc.mOon Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83137 Webshell.PHP.tanjiti.h4ckcity Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83138 Webshell.PHP.bartblaze.Peterson Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83139 Webshell.PHP.tennc.sai Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83140 Webshell.PHP.tanjiti.backdoor Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83141 Webshell.PHP.ysrc.Symlink_Sa_2.0 Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83142 Webshell.PHP.ysrc.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83143 Webshell.PHP.JohnTroony.b374k Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83144 Webshell.PHP.ysrc.jalanG Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83145 Webshell.PHP.xl7dev.BnS_Shell Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83146 Webshell.PHP.bartblaze.E404 Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83147 Webshell.PHP.tennc.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83148 Webshell.PHP.tanjiti.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83149 Webshell.PHP.bartblaze.PentaSec Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83150 Webshell.PHP.JohnTroony.KA_uShell Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83151 Webshell.PHP.tdifg.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83152 Webshell.PHP.ysrc.uploader Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83153 Webshell.PHP.JohnTroony.Cyber_Shell_v_1.0 Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83154 Webshell.PHP.JohnTroony.lama_shell_v_3.0 Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83155 Webshell.PHP.mattiasgeniar.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83157 Webshell.PHP.tanjiti.c99madshell_v_3.0 Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83160 Webshell.PHP.tanjiti.PHP_Shell_offender Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83161 Webshell.PHP.mattiasgeniar.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83162 Webshell.PHP.tdifg.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83164 Webshell.PHP.tennc.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83165 Webshell.PHP.ysrc.MSSQL_Cracker Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83166 Webshell.ASP.ysrc.hididi Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83167 Webshell.ASPX.ysrc.ASPXSpy Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83168 Webshell.ASPX.ysrc.ASPXSpy Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83169 Webshell.ASP.ysrc.F4ckTeam Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83170 Webshell.ASP.ysrc.hackyong Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83171 Webshell.ASP.ysrc.F4ckTeam Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83172 Webshell.ASPX.ysrc.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83173 Webshell.ASP.tanjiti.zehiriv Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83174 Webshell.ASP.tdifg.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83175 Webshell.ASP.ysrc.interactive Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83176 Webshell.ASP.ysrc.black_skull Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 83177 Webshell.ASP.git.80sec Command and Control Traffic reset-both updated associated metadata information 7.1.0   critical 85106 NetWire RAT Downloader Traffic Detection reset-both updated associated metadata information 7.1.0   critical 85123 Apple Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 85124 Apple Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 85125 Paypal Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 85164 Telekom Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 85166 WhatsApp Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 85167 Chase Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 85168 Paypal Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 85233 Chartered Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 85234 PostFinance Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 85235 Xfinity Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 85257 Microsoft Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 85258 DHL Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 85259 BMO Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 85260 ICS Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 85261 BMO Phishing Site Detection reset-both updated associated metadata information 7.1.0   critical 85307 NetWire RAT Command and Control Traffic Detection reset-both updated associated metadata information 7.1.0     ... View more

Re: Applications and Threats Content version 8202 and 8203 release notes

by in General Topics
‎12-02-2019 02:49 AM
‎12-02-2019 02:49 AM
Applications and Threats Content Release Notes Version 8203   New Anti-Spyware Signatures (2) Severity ID Attack Name Default Action Minimum PAN-OS Version Maximum PAN-OS Version critical 85446 MOONSHINE Android Malware Kit Command and Control Traffic Detection reset-both 7.1.0   medium 85473 Malicious User-Agent in HTTP Traffic Detection alert 7.1.0   New Vulnerability Signatures (24) Severity ID Attack Name CVE ID Vendor ID Default Action Minimum PAN-OS Version Maximum PAN-OS Version high 56630 Nexus Yum Repository Plugin Remote Code Execution Vulnerability CVE-2019-5475   alert 7.1.0   medium 56658 Google Chrome Popup Blocker Security Bypass Vulnerability CVE-2019-5840   alert 7.1.0   critical 56692 Tecrail Responsive FileManager Server-Side Request Forgery Vulnerability CVE-2018-14728   alert 7.1.0   high 56710 Microsoft Jet Database Engine Remote Code Execution Vulnerability CVE-2019-1242   alert 7.1.0   critical 56722 HP Intelligent Management Center Command Injection Vulnerability CVE-2019-5390   reset-both 7.1.0   critical 56723 HP Intelligent Management Center Memory Corruption Vulnerability CVE-2019-5391   reset-both 7.1.0   high 56744 Atlassian Jira Customer Context Filter Path Traversal Vulnerability CVE-2019-14994   alert 7.1.0   high 56778 E-Cology OA SQL Injection Vulnerability     alert 7.1.0   medium 56810 ASUS RT-N10 Repeater Command Injection Vulnerability     reset-both 7.1.0   critical 56814 Joomla! Component Raffle Factory SQL Injection Vulnerability CVE-2018-17379   alert 7.1.0   high 56819 KDE KConfig Code Execution Vulnerability CVE-2019-14744   alert 7.1.0   high 56820 Trend Micro Email Encryption Gateway Unvalidated Software Update Vulnerability CVE-2018-6221   alert 7.1.0   medium 56823 Microsoft Office Sharepoint XSS Vulnerability CVE-2019-1262   alert 8.1.0   critical 56824 IBM Operational Decision Manager XML External Entity Injection Vulnerability CVE-2018-1821   alert 7.1.0   critical 56827 Cisco IOS XE WebUI Privileged Command Injection Vulnerability CVE-2019-12650   alert 7.1.0   medium 56828 vBulletin SQL Injection Vulnerability CVE-2019-17271   alert 7.1.0   critical 56831 Cyberark Password Vault Web Access Remote Code Execution Vulnerability CVE-2018-9843   alert 7.1.0   high 56834 Cybelsoft ThinVNC Authentication Bypass Vulnerability CVE-2019-17662   alert 7.1.0   critical 56835 Kibana Timelion Remote Code Execution Vulnerabilitiy CVE-2019-7609   alert 7.1.0   critical 56836 Joomla! Component PrayerCenter SQL Injection Vulnerability CVE-2018-7314   alert 7.1.0   critical 56840 Oracle Tarantella Enterprise Directory Traversal Vulnerability CVE-2018-19753   alert 7.1.0   high 56845 Oracle Tarantella Enterprise Privilege Escalation Vulnerability CVE-2018-19754   alert 7.1.0   critical 56848 Total.js CMS Remote Code Execution Vulnerability CVE-2019-15954   alert 7.1.0   high 56849 Zoho ManageEngine Applications Manager MASRequestProcessor serverID SQL Injection Vulnerability     alert 7.1.0   Modified Vulnerability Signatures (96) Severity ID Attack Name CVE ID Vendor ID Default Action Change Minimum PAN-OS Version Maximum PAN-OS Version medium 30514 HTTP SQL Injection Attempt CVE-2019-12516 CVE-2018-5315 CVE-2018-8734 CVE-2017-7973 CVE-2016-5792 CVE-2007-0984   alert updated associated metadata information 7.1.0   medium 30657 MySQL Create Function Buffer Overflow Vulnerability CVE-2005-2558   alert updated associated metadata information 7.1.0   high 30725 Microsoft MDAC SoftwareDistribution.WebControl ActiveX Code execution Vulnerability CVE-2006-0003   reset-both updated associated metadata information 7.1.0   medium 31012 Apache apr-util IPv6 URI Parsing Vulnerability CVE-2004-0786   alert updated associated metadata information 7.1.0   critical 31586 CA BrightStor ARCserve Backup Universal Agent Buffer Overflow Vulnerability CVE-2005-1018   reset-both updated associated metadata information 7.1.0   high 32271 eIQnetworks Enterprise Security Analyzer Topology Server Buffer Overflow Vulnerability CVE-2006-3838   reset-both updated associated metadata information 7.1.0   high 32575 Mozilla Firefox Multiple Unspecified Vulnerabilities CVE-2009-3070   reset-both updated associated metadata information 7.1.0   high 32658 HTTP Cross Site Scripting Attempt CVE-2019-9167 CVE-2019-3963 CVE-2019-3964 CVE-2019-3965 CVE-2019-3966 CVE-2019-12517   alert updated associated metadata information 7.1.0   medium 36239 HTTP SQL Injection Attempt CVE-2017-8917 CVE-2018-10969 CVE-2019-12516   alert updated associated metadata information 7.1.0   critical 38193 Android Stagefright Library Overflow Vulnerability CVE-2015-1538   alert updated associated metadata information 7.1.0   critical 39337 Wordpress Timing Side Channel Denial-Of-Service Vulnerability CVE-2014-9034   alert updated associated metadata information 7.1.0   critical 40440 Adobe Reader Memory Corruption Vulnerability CVE-2017-16418 APSB17-36 reset-both updated associated metadata information 7.1.0   critical 40453 Acrobat Reader Memory Corruption Vulnerability CVE-2017-16394 APSB17-36 reset-both updated associated metadata information 7.1.0   critical 40457 Adobe Reader Memory Corruption Vulnerability CVE-2017-16411 APSB17-36 reset-both updated associated metadata information 7.1.0   critical 40462 Android JavascriptInterface Code Execution Vulnerability     reset-both updated associated metadata information 7.1.0   critical 40464 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2017-11886   reset-both updated associated metadata information 7.1.0   critical 40465 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2017-11894   reset-both updated associated metadata information 7.1.0   critical 40466 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2017-11889   reset-both updated associated metadata information 7.1.0   high 40467 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2017-11916 CVE-2018-0840   reset-both updated associated metadata information 7.1.0   critical 40468 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2017-11909   reset-both updated associated metadata information 7.1.0   critical 40469 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2017-11918   reset-both updated associated metadata information 7.1.0   high 40470 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2017-11930   reset-both updated associated metadata information 7.1.0   critical 40472 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2017-11895   reset-both updated associated metadata information 7.1.0   critical 40474 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2017-11903   reset-both updated associated metadata information 7.1.0   critical 40475 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2017-11907   reset-both updated associated metadata information 7.1.0   critical 40480 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2017-11911   reset-both updated associated metadata information 7.1.0   high 40481 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2017-11913   reset-both updated associated metadata information 7.1.0   critical 40482 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2017-11914   reset-both updated associated metadata information 7.1.0   critical 40489 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0762   reset-both updated associated metadata information 7.1.0   critical 40490 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0773   reset-both updated associated metadata information 7.1.0   critical 40492 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0774   reset-both updated associated metadata information 7.1.0   critical 40496 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0758   reset-both updated associated metadata information 7.1.0   critical 40502 Microsoft Scripting Engine Information Disclosure Vulnerability CVE-2018-0767   reset-both updated associated metadata information 7.1.0   critical 40504 PHP Fileinfo Call Stack Exhaustion Denial-of-Service Vulnerability CVE-2014-1943   reset-both updated associated metadata information 7.1.0   critical 40505 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0838   reset-both updated associated metadata information 7.1.0   critical 40508 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0858   reset-both updated associated metadata information 7.1.0   critical 40509 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0860   reset-both updated associated metadata information 7.1.0   critical 40511 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0837   reset-both updated associated metadata information 7.1.0   critical 40512 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0835   reset-both updated associated metadata information 7.1.0   high 40518 Microsoft Scripting Engine Information Disclosure Vulnerability CVE-2018-0780   reset-both updated associated metadata information 7.1.0   critical 40569 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0874   reset-both updated associated metadata information 7.1.0   critical 40570 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0889   reset-both updated associated metadata information 7.1.0   critical 40571 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0933 CVE-2018-0893   reset-both updated associated metadata information 7.1.0   critical 40576 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0872   reset-both updated associated metadata information 7.1.0   critical 40577 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0930   reset-both updated associated metadata information 7.1.0   high 40585 Microsoft Windows Desktop Bridge Elevation Of Privilege Vulnerability CVE-2018-0880   reset-both updated associated metadata information 7.1.0   critical 40591 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0980   reset-both updated associated metadata information 7.1.0   high 40597 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-1001   reset-both updated associated metadata information 7.1.0   critical 40605 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0993   reset-both updated associated metadata information 7.1.0   high 40610 Microsoft Excel Remote Code Execution Vulnerability CVE-2018-0920   reset-both updated associated metadata information 7.1.0   critical 40618 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0996   reset-both updated associated metadata information 7.1.0   critical 40623 Microsoft Windows Vbscript Engine Remote Code Execution Vulnerability CVE-2018-1004   reset-both updated associated metadata information 7.1.0   critical 40634 uTorrent Remote Code Execution Vulnerability     reset-both updated associated metadata information 7.1.0   critical 40642 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-8133 CVE-2018-8466   reset-both updated associated metadata information 7.1.0   critical 40643 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-0953   reset-both updated associated metadata information 7.1.0   critical 40645 Microsoft Browser Memory Corruption Vulnerability CVE-2018-0954   reset-both updated associated metadata information 7.1.0   high 40677 Adobe Reader Memory Corruption Vulnerability CVE-2018-4967 APSB18-09 reset-both updated associated metadata information 7.1.0   high 40690 Adobe Acrobat Web Capture Engine Memory Corruption Vulnerability CVE-2018-4957 APSB18-09 reset-both updated associated metadata information 7.1.0   high 40694 Adobe Reader Memory Corruption Vulnerability CVE-2018-4975 APSB18-09 reset-both updated associated metadata information 7.1.0   critical 40763 Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-8267   reset-both updated associated metadata information 7.1.0   high 40896 Adobe Reader Memory Corruption Vulnerability CVE-2018-12781 APSB18-21 reset-both updated associated metadata information 7.1.0   high 40898 Adobe Reader Memory Corruption Vulnerability CVE-2018-12791 APSB18-21 reset-both updated associated metadata information 7.1.0   high 40908 Adobe Reader Memory Corruption Vulnerability CVE-2018-5056 APSB18-21 reset-both updated associated metadata information 7.1.0   high 40917 Adobe Reader Memory Corruption Vulnerability CVE-2018-12783 APSB18-21 reset-both updated associated metadata information 7.1.0   high 40924 Adobe Reader Memory Corruption Vulnerability CVE-2018-12792 APSB18-21 reset-both updated associated metadata information 7.1.0   high 40925 Adobe Reader Memory Corruption Vulnerability CVE-2018-12780 APSB18-21 reset-both updated associated metadata information 7.1.0   high 40926 Adobe Reader Memory Corruption Vulnerability CVE-2018-12771 APSB18-21 reset-both updated associated metadata information 7.1.0   high 40929 Adobe Reader Memory Corruption Vulnerability CVE-2018-12772 APSB18-21 reset-both updated associated metadata information 7.1.0   high 40932 Adobe Reader Memory Corruption Vulnerability CVE-2018-12770 APSB18-21 reset-both updated associated metadata information 7.1.0   high 40941 Adobe Reader Memory Corruption Vulnerability CVE-2018-12777 APSB18-21 reset-both updated associated metadata information 7.1.0   high 40942 Adobe Reader Memory Corruption Vulnerability CVE-2018-12776 APSB18-21 reset-both updated associated metadata information 7.1.0   high 40944 Adobe Reader Memory Corruption Vulnerability CVE-2018-12773 APSB18-21 reset-both updated associated metadata information 7.1.0   high 40958 Adobe Acrobat Memory Corruption Vulnerability CVE-2018-12774 APSB18-21 reset-both updated associated metadata information 7.1.0   high 40959 Adobe Acrobat Memory Corruption Vulnerability CVE-2018-12779 APSB18-21 reset-both updated associated metadata information 7.1.0   critical 40986 Microsoft Internet Explorer Memory Corruption Vulnerability CVE-2018-8631   reset-both updated associated metadata information 7.1.0   high 40990 Adobe Reader Memory Corruption Vulnerability CVE-2018-12782 APSB18-21 reset-both updated associated metadata information 7.1.0   high 40991 Adobe Reader Memory Corruption Vulnerability CVE-2018-12799 APSB18-25 reset-both updated associated metadata information 7.1.0   high 54080 Apache Santuario XML Security for Java DTD Denial-of-Service Vulnerability CVE-2013-4517   reset-both updated associated metadata information 7.1.0   high 54187 SpringSource Spring Framework SourceHttpMessageConverter XXE Information Disclosure Vulnerability CVE-2013-6429   reset-both updated associated metadata information 7.1.0   high 54196 Microsoft XML Core Services Integer Truncation Memory Corruption Vulnerability CVE-2013-0006 MS13-002 reset-both updated associated metadata information 7.1.0   high 54217 Oracle Java Security Slider Feature Bypass Vulnerability CVE-2013-1489   reset-both updated associated metadata information 7.1.0   high 54282 Oracle Java JPEGImageWriter Memory Corruption Vulnerability CVE-2013-2429   reset-both updated associated metadata information 7.1.0   high 54330 Novell iPrint Client ActiveX Control Stack Overflow Vulnerability CVE-2011-3173   reset-both updated associated metadata information 7.1.0   critical 54391 Microsoft Internet Explorer Internet Explorer Insecure Library Loading Vulnerability CVE-2011-0038 MS11-003 alert improved detection logic to address a possible fp issue 7.1.0   critical 54433 Malicious JavaScript Detection     reset-both updated associated metadata information 7.1.0   high 54462 Protocol Evasion Application Detection     reset-both updated associated metadata information 7.1.0   critical 54549 VBScript Remote Code Execution Vulnerability CVE-2010-0483 MS10-022 reset-both updated associated metadata information 7.1.0   critical 54552 Microsoft VBScript Memory Corruption Vulnerability CVE-2014-0271 MS14-010 MS14-011 reset-both updated associated metadata information 7.1.0   high 54646 RabbitMQ Web Management CSRF Vulnerability     reset-both updated associated metadata information 7.1.0   critical 54703 CA Multiple Products ActiveX Control ListCtrl AddColumn Buffer Overflow Vulnerability CVE-2008-1472   reset-both updated associated metadata information 7.1.0   high 54876 Clipbucket Arbitrary PHP Code Execution Vulnerability CVE-2018-7665   alert updated associated metadata information 7.1.0   high 55485 Adobe Reader Memory Corruption Vulnerability CVE-2019-7109 APSB19-17 alert improved detection logic to cover a new exploit 7.1.0   medium 55983 Sierra Wireless AirLink ES450 SNMPD Hard-coded Credentials Vulnerability CVE-2018-4062   alert updated associated metadata information 7.1.0   high 56129 Jackson-Databind Insecure Deserialization Vulnerability CVE-2019-14361 CVE-2019-14439 CVE-2019-14379   reset-both improved detection logic to cover a new exploit 7.1.0   critical 56471 Adobe Flash Player Memory Corruption Vulnerability CVE-2015-8430 CVE-2015-8426 CVE-2015-8427 APSB15-32 alert improved detection logic to address a possible fp issue 7.1.0   medium 56536 BACnet Stack 0.8.6 Denial-of-Service Vulnerability CVE-2019-12480   alert updated associated metadata information 7.1.0     ... View more

Re: Applications and Threats Content version 8202 and 8203 release notes

by in General Topics
‎11-30-2019 07:22 AM
1 Kudo
‎11-30-2019 07:22 AM
1 Kudo
@OtakarKlier Do you see these versions there? I only see back to version 8205 and I assume this is the reason why @Manjunath_V is asking here ... ... View more

Re: ARP table By SNMP

by in General Topics
‎11-30-2019 06:32 AM
‎11-30-2019 06:32 AM
As far as I know this is still not possible. @reaper is there an existing FR for this? ... View more

Re: The sporadic syslog sender

by in General Topics
‎11-27-2019 04:56 PM
2 Kudos
‎11-27-2019 04:56 PM
2 Kudos
Yes, on the sending firewall you don't see the syslog sessions in traffic log (as long as you do not have the mgmt interface connected to the firewall itself). When you speak about big syslog sessions: You see them on another firewall right? Do you log there start and end logs? If you only log session end logs, did you check for how long the session was open (difference between start and end time of the session)? So maybe this high amount of syslog traffic was sent over a long timeframe. ... View more

Re: Feature Request List

by in General Topics
‎11-27-2019 03:03 PM
1 Kudo
‎11-27-2019 03:03 PM
1 Kudo
Added FR ID 13046: Support gMSA Accounts for User-IP-Mappings Description: Currently only standard windows Useraccounts can be identified by PaloAlto User-ID Agent. This capability should be extended to group managed service accounts as more and more of them will be used in windows environments. This way it remains possible to restrict access from servers to specific ressources so that the installed software is able to communicate but not an admin which might be able to log in to the specific server. ... View more

Re: GP users are getting denied random times

by in General Topics
‎11-27-2019 02:55 PM
2 Kudos
‎11-27-2019 02:55 PM
2 Kudos
@MP18 I think you meant @reaper and not me 😉 But what he was saying that as soon as a user logs in to GP, the firewall assings a local user-ip-mapping with globalprotect as source. So if you also have User-ID agents in place, a mapping there could lead to a conflict and if the mapping on the user-ID agent is newer the local global protect mapping will be overwritten.   @GeorgiosFakis do you have logs of that timeframe(s) where the users reported that they lost the connection? Does this problem exist for all your users at random times or "only" for a small group of users? ... View more

Re: Panorama: PDF export full of HTML code

by in General Topics
‎11-25-2019 12:13 PM
1 Kudo
‎11-25-2019 12:13 PM
1 Kudo
In my case I received the information that PAN-126534 will be fixed in 8.1.12 (not 8.1.13) which will be released in mid december. In PAN-OS 9.0.5 it is already fixed. ... View more

Re: Panorama: PDF export full of HTML code

by in General Topics
‎11-25-2019 10:26 AM
1 Kudo
‎11-25-2019 10:26 AM
1 Kudo
I opened a case to ask when the fix will be ready. Case 01305082 if someone wants to reference on. ... View more
Register or Sign-in
Contact Me
Online Status
Offline
Date Last Visited
‎11-26-2025 01:29 PM
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks