Traffic being identified as a threat ID 8732

Traffic being identified as a threat ID 8732

9548
Created On 03/20/20 01:57 AM - Last Modified 06/08/23 08:50 AM


Question


Traffic being identified as a threat ID 8732

Answer



Threat ID 8732 is an informational-level alert for first packet of a TCP session that are not SYN packets (non-syn-TCP) when enable Packet-Based Attack Protection in a Zone Protection profile introduce in PAN-OS software 8.1.2 and later releases, together with a optional CLI command to enable the firewall to generate a Threat log when the firewall receives and drops the following types of packets.
  
admin@PA> show threat id 8732
This event is triggered when encountering a TCP packet which does not belong to an existing session. Any new session is expected to begin with a SYN packet and dropped if not so.

informational
Unknown

Additional Information


https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-release-notes/pan-os-8-1-release-information/features-introduced-in-pan-os-8-1/networking-features
https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/zone-protection-and-dos-protection/configure-zone-protection-to-increase-network-security/configure-packet-based-attack-protection.html
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PPAxCAO&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail