This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About mpochan
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About mpochan
04-15-2019
2Posts
1Like
0Solutions
Apr 15, 2019Last Visited
User
Activity
User
Profile
Latest posts by mpochan
| Subject | Views | Posted |
|---|---|---|
| 2172 | 04-03-2019 02:43 PM | |
| 7932 | 01-17-2019 08:15 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 01-17-2019 08:15 AM |
User Badges
Community Statistics
| Member Since | 07-03-2018 12:28 PM |
| Date Last Visited | 04-15-2019 08:51 AM |
| Posts | 2 |
| Total Likes Received | 1 |
06-24-2019
02:26 PM
1 Kudo
Technically, you could create a custom vulnerability that would match "normal" DNS traffic, set it to Alert for the action and set packet capturing to on. Unless you have plenty of resource overhead available to use on your PA I'm guessing this could be a bad idea for that much packet capturing just the same. It would fill up threat log quota or Extended Threat Pcaps quotea much more rapidly. In the logging then you would get a request source and destination just having to open the PCAP to get the domain record that was requested. It would be great if there were just a DNS lookup log with the requestor IP included. Perhaps on your DNS server this is done and you can limit DNS lookups to just your DNS server(s) so everyone would need to be pointed there.
... View more
04-04-2019
08:10 AM
1 Kudo
@mpochan, I'm pretty positive that the firewall doesn't actually record this information in any shape or form.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
04-15-2019
08:51 AM
|
LEGAL NOTICES
Copyright 2007 - 2022 - Palo Alto Networks