Hi, we see a lot of files with the extension docm attacking the mail server via SMTP and identified as malicious by WildFire. Is there a way to simply block those files via a File Blocking profile, like we are doing for PE and other file types? The point is that there is no possibility to choose such a file type in the File Blocking profile. Any other idea? Thanks. Leonid
Hi, we are trying to create a custom vulnerability signature that triggers on a specific string in the UDP packet payload with destination port 5060. Unfortunately there is no context for SIP. We used "Pattern Match" and chose "unknown-req-udp-payload" as the context. We applied a Vulnerability Protection profile to the security policy (a rule allowing everything), but for some reason this didn't work as we expected. I mean we didn't receive any alert in the Threat log. Is it possible to use the "unknown-req-udp-payload" context for such a purpose, or is it intended only for the "unknown-udp" applications? Any other idea for creating such a signature? Thanks. Leonid
Hi, you can also create address objects for your PC and name them accordingly. You could then see the object names in the logs and ACC. Br, Leonid