MineMeld is an “extensible Threat Intelligence processing framework and the ‘multi-tool’ of threat indicator feeds. Based on an extremely flexible engine, MineMeld can be used to collect, aggregate and filter indicators from a variety of sources and make them available for consumption to peers or to the Palo Alto Networks security platforms.”
It was recently open-sourced by Palo Alto and can be found on Github.
Continue reading Palo Alto MineMeld Example Configuration
In this post I will briefly go through the steps needed to configure your SNMP monitoring tool to get active user statistics from your Ruckus ZoneDirector. You can then use this data to map against another metric like bandwidth utilisation or anything else you might find useful in your environment.
In my set-up I have a Ruckus ZoneDirector 3000. I used PRTG as the SNMP monitoring software but any will do.
Continue reading Ruckus SNMP Active Users and Bandwidth Utilisation
In this blog I will go through the steps necessary to set-up an automatic reverse SSH tunnel between a client machine sitting in a restricted environment and a server that you control in your home/office/cloud. The reverse SSH tunnel will be encapsulated within a SSL tunnel over port 443 to evade network security appliances/firewalls.
Continue reading Reverse SSH Tunnelling over SSL with the Raspberry Pi
In this brief post I will relay my finding of a security vulnerability with the Palo Alto update servers. This post refers to the security advisory PAN-SA-2016-0010.
Continue reading Palo Alto Networks – Update Server API Exposure
This is a follow up from my other blog post – as I have found another issue with the best practices provided by Palo Alto, I thought I’d consolidate them in a single post.
Continue reading Take Care When Applying Palo Alto Best Practices