Palo Alto documentation is very good, but I dont like the Palo Alto web page when I am looking for a keyword in addressed issues or in the known issues, since its listed under each PANOS Release on different web pages. If you have to go through 10-20 PANOS Release notes its really boring every […]
July 8, 2022
As you know the Local Area Network Denial (LAND) attack is a type of Denial of Service (DOS) attack in which the attacker attacks the network by sending the same source and destination IPs and ports (like TCP SYN where the source IP and destination IP is from the destination device itself). if you check […]
March 31, 2021
Customers have to get the trust with NGN Firewalls, so we have to present it somehow without interfering the production traffic. We can do this during a POC (Proof of concept) by integrating it in the network just like we implemented an IDS in the past. The purpose is to present in reports what the […]
November 15, 2018
I can only quote now since I am a bit tired: “MineMeld is a threat intelligence processing tool that extracts indicators from various sources and compiles the indicators into multiple formats compatible with AutoFocus, the Palo Alto Networks® next-generation firewall, and other security and information event management (SIEM) platforms.” Here are some more details: minemeld […]
November 13, 2018
Still we cannot find any freely available usefull IKE State Monitoring for our VPN Tunnels in 2018…thats bad. That’s why I have grabbed my laptop for a couple of sleepless nights and created from TIG Stack and Maxmind Geolite Free and with Python an IKE State Monitoring Tool. See the building blocks for that service […]
April 19, 2017
The following Application is a nice tool that was built to automate report generation and to make monthly or weekly report analisys where you can find the changes in the firewall events between months or weeks. The Palo Alto Firewall has a great built-in Reporting Service that can generate any kind of custom reports within […]
April 11, 2017
On a network device sometimes we have to collect outputs of multiple commands that contains a counter within its output. To get a state from those counters in outputs we must issue the commands that generates the output multiple times and we should realise if a specific counter value increasing quickly or slowly or does […]
October 25, 2016
yED is an alternative software for those engineers who are working with linux and dont like microsoft visio and want make network topologies faster and simplier for free :-) There is a lot of features like automatic layout and easy data import and so on it realy intuitive when you use it. One of the […]
October 25, 2016
The App sophos-live-protection and the Palo Alto dns-proxy Affair As I first met with this problem I just thought its my first vulnerability that I have found :-), but it wasnt! It was the administrator who forgot to go to a palo alto school before touching a palo alto firewall. :-) The firewall I configured […]
October 25, 2016
Set proxy only at login and unset at logout On some Linux Servers I must reach to the Internet through web proxy with user credentials and i dont have a so called service user everytime. Generally I must set the wget and apt-get and the system wide proxy everytime I login and delete before logout. […]
July 8, 2022
0