This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

About JRussell

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
JRussell
‎12-21-2015
since ‎09-14-2012
L3 Networker
User Activity
User Profile
Latest posts by JRussell
View All
User Badges
Community Statistics
Member Since ‎09-14-2012 02:45 AM
Date Last Visited ‎12-21-2015 05:09 AM
Posts 59
Total Likes Received 13

Re: POODLE BITES Vulnerability

by in General Topics
‎12-18-2015 03:57 AM
‎12-18-2015 03:57 AM
Any suggestions from the table?    Or do I take it from the silence that others don't have a hard and fast rule for dealing with informational threats? ... View more

Re: POODLE BITES Vulnerability

by in General Topics
‎12-17-2015 01:41 AM
‎12-17-2015 01:41 AM
Yes. They are both "informational" threats. Just wanting to see how others treat these? Do you not bother with them at all and allow them all through? Or do you reset them? Or only in high risk (finance) pcs? ... View more

POODLE BITES (and other Informational Vulnerabilities )

by in General Topics
‎12-16-2015 08:07 AM
‎12-16-2015 08:07 AM
Just wanted to gauge what others are doing with regards to this particular vulnerability if anything.   Historically this has been set to reset-both on this vulnerability. Which, by and large doesn't seem to cause that much of a problem on most sites, but I suppose the question I was asking is, is this something I should be blocking/resetting, or just logging instances for this and it is something I can allow through?   And I suppose the same goes for other "informational" vulnerabilities. How are others dealing with these?   ... View more

What Dynamic block lists do others use?

by in General Topics
‎11-24-2015 02:58 AM
‎11-24-2015 02:58 AM
Hi there,   I have recently started wanting to setup using some Dynamic block lists in my PA box. I just wondered if others use these and if so, which sites do they use?   I was inially looking at using these 2.   www.spamhaus.org   www.openbl.org   Any others that you would suggest? Or even, if you have reason to not use the above 2 I would love to hear it.    Thanks   ... View more

Re: Use proxy only on certain URL's

by in General Topics
‎12-08-2014 04:55 AM
‎12-08-2014 04:55 AM
Thanks Sai, I have logged it with me SE for this feature request. Hopefully it will be done in the near future. ... View more

Use proxy only on certain URL's

by in General Topics
‎12-05-2014 08:58 AM
‎12-05-2014 08:58 AM
Hi, I wanted to know if this was possible? We currently have an issue with 1 of our online services and it turns out to be a routing issue between Virgin and BT. The server seems to create 2 connections and when it is one the first connection it is fine, but the 2nd connection just grinds uploads to a snails pace. We found that if we proxy through a German server this company set up for us we can get the service perfectly fine. I wondered if it was possible to get PA to do this just for this one specific URL? ... View more

Re: Regin detection

by in General Topics
‎11-28-2014 06:56 AM
‎11-28-2014 06:56 AM
Thanks for coming back DZ We use WSUS to deliver any MS updates/installs that we do. So hopefully it will help protect us to a degree. It is just strange that there is not a lot of noise being kicked up about this by AV companies. ... View more

Re: Regin detection

by in General Topics
‎11-28-2014 03:03 AM
‎11-28-2014 03:03 AM
Anyone have any further information on this? It seems a few people would be interested in knowing. ... View more

Re: Can I get a entries of Unused Rules with no repeat count from Custom Report?

by in General Topics
‎11-27-2014 03:22 AM
1 Kudo
‎11-27-2014 03:22 AM
1 Kudo
I am not sure about making a report to show you those unused rules. But as an administration task, once a year, I will go into the rules. Tick "Highlight unused rules" , select them all and then move them all to the bottom underneath my "drop all" rule. That will then show all your unused rules in one easy to see location. I am assuming this is the reason the customer wants such a report? You could then also export the rules as a CSV file to see all the rules in question. In case you wanted something printable. ... View more

Re: Regin detection

by in General Topics
‎11-27-2014 02:51 AM
‎11-27-2014 02:51 AM
Thanks for the link. Although I am getting "Access to this place or content is restricted" Could you provide a working link please? Thanks, James ... View more

Regin detection

by in General Topics
‎11-26-2014 09:01 AM
‎11-26-2014 09:01 AM
Hi All, I understand that this bit of spyware is not well understood as to it's ultimate purpose, very hard to detect and in fact, with the media converge it has had recently I am sure whoever coded this nasty has since changed it's code/behavior. But my question is, does or is PA able to detect any such traffic from this malicious code given that it has taken the "Security experts" years to come back with their prognosis on the code in the first place. Or is this one of those things that we just have to pray to the IT deities that we never fall under the gaze of someone who is wielding such a powerful bit of spyware? ... View more

Re: Some advise

by in General Topics
‎08-11-2014 02:22 AM
‎08-11-2014 02:22 AM
Thanks for your assistance on this one guys. But in the end I managed to resolve the issue and ti was nothing to do with the PA box. For some reason the Pfsense firewall on the other side didn't like me setting the Wifi interface as the WAN interface. Worked fine once I set the wifi connector to another interface. ... View more

Re: Some advise

by in General Topics
‎08-06-2014 03:31 AM
‎08-06-2014 03:31 AM
Sorry, I thought having a static route with the next hop being the wifi NIC on the other end would be my valid return route? Or am I missing something there. I am just in the middle of trying to put the config back to how it was as I was playing with the setup yesterday, once I have it how it was I will try those commands you suggested to get the session traffic ... View more

Some advise

by in General Topics
‎08-05-2014 09:03 AM
‎08-05-2014 09:03 AM
Hi there, I am trying to deploy a network that is connected directly to my PA box over a wifi connector and I am hitting some stumbling blocks. I wondered if someone might be able to offer any advise. The scenoria is this. I have an office that is connected to my office via a wifi transmitter. These wifi use the 172.16.5.x range. There is to be a firewall on the other end of this connection for the wifi to plug into (pfsense). On the Firewall on the other end I have 2 interfaces. A Lan and the wifi connector (it has an address on the wifi range). I have set the wifi up as the WAN interface and it's gateway as the wifi interface IP on the PA box. Traffic between those 2 seems to flow ok. Now, the Local LAN. If I setup a NAT rule on the PA box, or in this case incorporate it into an existing rule, that says all traffic from the LAN within my PA network goes out through our external IP (which is an interface on the PA box). That works fine for my local LAN that is attached directly to the PA network. But for this other office, when I try that the traffic shows and shows as allowed out, but always incomplete. I also tried setting up a static route on the Virtual router pointing to the wifi WAN card on the pfsense box as it's next hop, but still traffic shows incomplete and I never get any pages appear on the other end (apart from local DNS traffic, I have a DNS forwarder for my domain pointing to my domain controller and all DNS requests within my domain work ok via that) I have a policy based re-direct for internal LAN that says if going to that wificonnected office, then go over the wifi transmitter. That allows me to get onto it from where I am sitting. The ideal scenario would be that the network on this wifi connected office is an extention of the private LAN network (10.10.0.0/16) that I have in my main office. But if on the pfsense side I try tell it to use 10.10.1.3 (which is what all the LAN pc's within the main office use) as it's gateway, which I have to then set the LAN on the other side as /16 to allow this, I think lose connection with the firewall. If I try a completely separate network range then all traffic appears to come from the wifi connector on the wifi connected offices WAN card and again, traffic shows as incomplete. I know this is not strictly a PA issue, but if anyone could offer any suggestions it would be appreciated. ... View more

Re: Error when trying to restart management-server

by in General Topics
‎08-01-2014 02:58 AM
‎08-01-2014 02:58 AM
Thanks for the replies. We have problems with the PAN box before I restart the management server. After that it is fine. I get that I would have to reconnect after a restart of it. It was just previously I have never seen that error before (the connection reset one). It usually takes a few minutes and then boots me out of CLI. We are still running 5.0.8 OS. Due to problems we had with V6 and booking in the time to do the upgrade out of hours to diagnose said problem. I will check to see that the process is not running into the man plane and will let you know. It is just odd that the PAN box behaves eratticly ( multiple fails on commit, slowness etc) and then you do the reset and it is ok... for a while, could be a day, could be a week. But at the moment at least, it always seems to re-occur eventually. ... View more
Register or Sign-in
Contact Me
Online Status
Offline
Date Last Visited
‎12-21-2015 05:09 AM
Latest Tags
No tags yet
Likes Given To
Likes From
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks