Palo Alto Bug tool kit

July 8, 2022

0

Palo Alto documentation is very good, but I dont like the Palo Alto web page when I am looking for a keyword in addressed issues or in the known issues, since its listed under each PANOS Release on different web pages. If you have to go through 10-20 PANOS Release notes its really boring every […]

Posted in: Palo Alto

Land Attack or configuration failure?

July 8, 2022

0

As you know the Local Area Network Denial (LAND) attack is a type of Denial of Service (DOS) attack in which the attacker attacks the network by sending the same source and destination IPs and ports (like TCP SYN where the source IP and destination IP is from the destination device itself). if you check […]

POC with NGN Firewalls

March 31, 2021

0

Customers have to get the trust with NGN Firewalls, so we have to present it somehow without interfering the production traffic. We can do this during a POC (Proof of concept) by integrating it in the network just like we implemented an IDS in the past. The purpose is to present in reports what the […]

Tagged: , ,
Posted in: Uncategorized

Using Palo Alto Minemeld behind corporate proxy

November 15, 2018

0

I can only quote now since I am a bit tired: “MineMeld is a threat intelligence processing tool that extracts indicators from various sources and compiles the indicators into multiple formats compatible with AutoFocus, the Palo Alto Networks® next-generation firewall, and other security and information event management (SIEM) platforms.” Here are some more details: minemeld […]

Monitor IKE state on your VPN Gateways

November 13, 2018

6

Still we cannot find any freely available usefull IKE State Monitoring for our VPN Tunnels in 2018…thats bad. That’s why I have grabbed my laptop for a couple of sleepless nights and created from TIG Stack and Maxmind Geolite Free and with Python an IKE State Monitoring Tool. See the building blocks for that service […]

Custom Reporting with Palo Alto Firewall

April 19, 2017

0

The following Application is a nice tool that was built to automate report generation and to make monthly or weekly report analisys where you can find the changes in the firewall events between months or weeks. The Palo Alto Firewall has a great built-in Reporting Service that can generate any kind of custom reports within […]

Automate data collection with SecureCRT

April 11, 2017

0

On a network device sometimes we have to collect outputs of multiple commands that contains a counter within its output. To get a state from those counters in outputs we must issue the commands that generates the output multiple times and we should realise if a specific counter value increasing quickly or slowly or does […]

yED – a MS Visio alternative or more?

October 25, 2016

0

yED is an alternative software for those engineers who are working with linux and dont like microsoft visio and want make network topologies faster and simplier for free :-) There is a lot of features like automatic layout and easy data import and so on it realy intuitive when you use it. One of the […]

Posted in: Graphviz, Linux, Security

Application shifting gone bad – Palo Alto Firewall

October 25, 2016

2

The App sophos-live-protection and the Palo Alto dns-proxy Affair As I first met with this problem I just thought its my first vulnerability that I have found :-), but it wasnt! It was the administrator who forgot to go to a palo alto school before touching a palo alto firewall. :-) The firewall I configured […]

Linux Proxy Settings – Kind of SSO? :-)

October 25, 2016

0

Set proxy only at login and unset at logout On some Linux Servers I must reach to the Internet through web proxy with user credentials and i dont have a so called service user everytime. Generally I must set the wget and apt-get and the system wide proxy everytime I login and delete before logout. […]

Posted in: Linux, proxy, Security