This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About Chris_Johnston
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About Chris_Johnston
01-31-2023
22Posts
4Likes
0Solutions
Jan 31, 2023Last Visited
User
Activity
User
Profile
Latest posts by Chris_Johnston
| Subject | Views | Posted |
|---|---|---|
| 87 | 01-20-2023 08:09 AM | |
| 2451 | 12-01-2021 08:33 AM | |
| 3543 | 09-02-2021 06:22 AM | |
| 3620 | 09-01-2021 12:05 PM | |
| 2130 | 07-27-2021 05:56 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 07-20-2021 12:28 PM | |
| 3 Likes | 03-22-2021 06:35 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like | |||
| 1 Like | |||
| 1 Like | |||
| 1 Like | |||
| 1 Like |
User Badges
Community Statistics
| Member Since | 01-07-2019 10:18 AM |
| Date Last Visited | 01-31-2023 04:02 PM |
| Posts | 22 |
| Total Likes Received | 4 |
01-20-2023
08:09 AM
Did you ever get an update on this FR?
... View more
12-01-2021
08:33 AM
Did you ever get this resolved? What was the solution?
... View more
09-02-2021
06:22 AM
Makes sense it would log in all, unless you went into each VP and marked it as 'ignore'. That was the challenge with creation of app - it overrides all other icmp apps and unless you create a new application group 'icmp-all' that included icmp and the customs....potential for things to be missed Edit: Actually, no...doesn't make sense on the VP now looking in depth. Probably one of those PA gotchas Thanks for crafting the signature! I'm looking forward to seeing it in my lab (and potentially prod!)
... View more
09-01-2021
12:05 PM
Has anyone had success in creation of threat signatures for ICMP type? I've seen (and tested) the Palo Alto guide on creation of an app to block/allow specific ICMP types and was trying to log a threat event for potential use and visibility versus creation of a new application (and needing to create a new app-id group to accommodate all ICMP types) https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClFZCA0 Working app-id CLI: set application icmp-type8 default ident-by-icmp-type type 8 set application icmp-type8 subcategory ip-protocol set application icmp-type8 category networking set application icmp-type8 technology network-protocol set application icmp-type8 risk 1 Non working threat CLI: set threats vulnerability 44008 signature standard icmp-req-data and-condition "And Condition 1" or-condition "Or Condition 1" operator pattern-match pattern 8 set threats vulnerability 44008 signature standard icmp-req-data and-condition "And Condition 1" or-condition "Or Condition 1" operator pattern-match context icmp-req-data set threats vulnerability 44008 signature standard icmp-req-data and-condition "And Condition 1" or-condition "Or Condition 1" operator pattern-match negate no set threats vulnerability 44008 signature standard icmp-req-data order-free no set threats vulnerability 44008 signature standard icmp-req-data scope protocol-data-unit set threats vulnerability 44008 default-action alert set threats vulnerability 44008 threatname chrisvuln-icmp-type8 set threats vulnerability 44008 severity informational set threats vulnerability 44008 direction both set threats vulnerability 44008 comment "ICMP type 8" set threats vulnerability 44008 affected-host client yes
... View more
07-27-2021
05:56 AM
Just an update - asked TAC to confirm bugID was correct. Engineering did duplicate it to previously found PAN-112175. Fix in 9.1.11 ETA 8/5/21 No plans to backport to 9.0.x yet.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
01-31-2023
04:02 PM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks