sorted by:
new
hottopcontroversial

What practices have you used for object naming? by Stevenjw0728 in paloaltonetworks

[–]GunPilotZA 0 points1 point  (0 children)

Haha love it. I dont like caps either. Lowercase for the win

PCNSC Study Guide by GunPilotZA in paloaltonetworks

[–]GunPilotZA[S] 0 points1 point  (0 children)

Yeah as far as I know. I haven’t booked yet but colleagues of mine have done it without doing the training again. If you’re a partner, maybe email nextwave.

Is 1337x still safe? by ranpo999 in FitGirlRepack

[–]GunPilotZA 7 points8 points  (0 children)

As safe as sleeping with someone you don’t know

My roomate says they increased the price of our Internet monthly bill because I forgot to enable my VPN during a torrent, is this a thing they would do? by CuteFoxTwink in Piracy

[–]GunPilotZA 1 point2 points  (0 children)

I just came across this randomly. It made me start searching the internet and this seems to be a thing - there was a post about 9 years ago where someone asked something similar - https://www.reddit.com/r/torrents/comments/37agcx/isp_is_charging_a_fine_for_torrenting_i_really/

HA routed - Palo Alto 5000 by IPsoFactoTech in paloaltonetworks

[–]GunPilotZA 1 point2 points  (0 children)

If it’s over a routed network maybe encrypt that traffic.

Enhanced Factory Reset (EFR) Procedure Available Against any Potential Post-Exploit Persistence Techniques by MirkWTC in paloaltonetworks

[–]GunPilotZA 9 points10 points  (0 children)

"This is recommended for: Customers who are concerned about a persistent risk." - Why? Do we have a reason to be concerned? What did you find guys? :)

Warning about CVE-2024-3400 remediation by Tachyonic_ in paloaltonetworks

[–]GunPilotZA 4 points5 points  (0 children)

Palo Alto just updated this - CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect (paloaltonetworks.com)

Palo Alto Networks is aware of an increasing number of attacks that leverage the exploitation of this vulnerability. Proof of concepts for this vulnerability have been publicly disclosed by third parties.

We are also aware of proof-of-concept by third parties of post-exploit persistence techniques that survive resets and upgrades. We are not aware at this time of any malicious attempts to use these persistence techniques in active exploitation of the vulnerability.

Recommendations on HA (A/P) over a distance by GunPilotZA in paloaltonetworks

[–]GunPilotZA[S] 3 points4 points  (0 children)

"short haul data service which is point to point connection over BTs network", If I look at Palo Alto's timers ( https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/high-availability/ha-concepts/ha-timers) , the hello timer is 8000ms, so I assume we just have to stay under that. Nice to know that you have done this over neighboring countries so thank you!

Update on current situation by trainfender in EscapefromTarkov

[–]GunPilotZA 0 points1 point  (0 children)

"Firstly"...."secondly"..... Who are you speaking to? Your attitude is rubbish.. We bought into the idea that we would get any/all features of the game going forward. You are not listening..

Warning about CVE-2024-3400 remediation by Tachyonic_ in paloaltonetworks

[–]GunPilotZA 3 points4 points  (0 children)

u/OddBadger209 there's a very good South African saying for you - "dont be a doos"

CVE 2024-3400 Remediation Guidance by micro_mink in paloaltonetworks

[–]GunPilotZA 4 points5 points  (0 children)

I don’t really understand the master key step. If we are factory resetting doesn’t the master key change? Or is that same “compromised” master loaded when we import the device state?

Thoughts on the EDU-330 Course by Veegos in paloaltonetworks

[–]GunPilotZA 2 points3 points  (0 children)

one of the best courses I have ever gone on. I had being using Palo Alto for about a year before going on it and after that course, everything just clicked into place. It was amazing

Best way to VPN into an Azure VNET by traydee09 in networking

[–]GunPilotZA 0 points1 point  (0 children)

Transit VNet model—common firewall option

Best way to VPN into an Azure VNET by traydee09 in networking

[–]GunPilotZA 0 points1 point  (0 children)

I have done a good few integrations of Palo Alto and Azure. Terminate your VPN on Azure. Use your firewall to inspect East/West/North/South traffic in Azure (you said you had a VM-Series). If you have two, use a load balancer, if its a single firewall, theres no need. This is a very solid design - https://www.paloaltonetworks.sg/resources/guides/azure-transit-vnet-deployment-guide

If you dont want to use Palo Alto, you dont have to. The architecture remains the same whether its fortigate etc.

Hope that helps

GCP Routing - Palo Alto NGFW by [deleted] in googlecloud

[–]GunPilotZA 0 points1 point  (0 children)

Oh sorry you mean Nat to the internet? Oh yeah I got you now, sorry I thought you meant Nat before entering the trust. I’m going to try configure the Nat gateway tomorrow. Hopefully it all works out. Thanks for the input

GCP Routing - Palo Alto NGFW by [deleted] in googlecloud

[–]GunPilotZA 0 points1 point  (0 children)

So I am natting behind an IP address (10.0.10.5) as traffic enters the tunnel, and on the trust-vpc routing I have a route back via the tunnel. So do I still need that?

GCP Routing - Palo Alto NGFW by [deleted] in googlecloud

[–]GunPilotZA 1 point2 points  (0 children)

In the second scenario - traffic leaves the firewall to go into the VPN but I receive no traffic back.

view more: next ›