Here are the IP ranges used by Duo Security for authentication purposes – list correct as of September 2016. Duo don’t make this list public (security through obscurity?) but they do give it to customers on request so here they are:
MineMeld is an “extensible Threat Intelligence processing framework and the ‘multi-tool’ of threat indicator feeds. Based on an extremely flexible engine, MineMeld can be used to collect, aggregate and filter indicators from a variety of sources and make them available for consumption to peers or to the Palo Alto Networks security platforms.”
It was recently open-sourced by Palo Alto and can be found on Github.
In this post I will briefly go through the steps needed to configure your SNMP monitoring tool to get active user statistics from your Ruckus ZoneDirector. You can then use this data to map against another metric like bandwidth utilisation or anything else you might find useful in your environment.
In my set-up I have a Ruckus ZoneDirector 3000. I used PRTG as the SNMP monitoring software but any will do.
In this blog I will go through the steps necessary to set-up an automatic reverse SSH tunnel between a client machine sitting in a restricted environment and a server that you control in your home/office/cloud. The reverse SSH tunnel will be encapsulated within a SSL tunnel over port 443 to evade network security appliances/firewalls.
In this brief post I will relay my finding of a security vulnerability with the Palo Alto update servers. This post refers to the security advisory PAN-SA-2016-0010.