Archive for Blog - page 2

DNS Security @ SharkFest’25 EU

I was presenting at the annual “Wireshark Developer and User Conference”, the SharkFest’25 EU, talking about “Securing DNS – Attacks and Defences”. It covered all the buzzwords related to DNS security, such as malware using DNS, DNS spoofing, DNS exfiltration & tunnelling, while defending them…


DNS Security Overview

On the Internet, it’s not only “always DNS” – it’s also about securing DNS. DNS faces a wide range of attack vectors, each requiring different defensive strategies. Here comes an overview of DNS security, which gives you all the keywords at a glance. This blog post…


DNS Packet Capture: DoT, DoH, DoQ, DoH3

While I was working on my presentation about “Secure DNS” for this year’s SharkFest, the Wireshark Developer and User Conference, I recognised that I’m still missing some DNS-related packet captures in the Ultimate PCAP, that is DNS over TLS and DNS over HTTPS. And while working on…


It was MTU! Zscaler over GRE behind Palo, blocking ICMP Frag Needed

The other day, I was troubleshooting an issue where users reported that “some websites are working while some are not”. Uh. This is almost the worst scenario to face from a networker’s perspective. It’s way easier if things do or don’t work at all, but…


Exiting ZTP Mode on a Palo Fails Partially

I just ran into a partially working Palo Alto firewall — a PA-1410 shipped with PAN-OS 11.0.3-h10 and ZTP (Zero-Touch Provisioning) enabled — as I exited ZTP mode to configure the firewall in standalone mode. However, this config shortcut did not work as expected. 🙁…


Palo vs. PlayStation: How a Security Feature Blocked Our PlayStation Updates

For a few weeks, our PlayStation stopped downloading game updates. I figured it was just a temporary issue with the PS4. Since it didn’t affect me directly but only the kids, I didn’t pay much attention at first. I planned to wait for a firmware…


Redundant VPN with Failover on a Palo NGFW

This goes out to anyone who uses more than one Site-to-Site VPN tunnel between two locations that are secured by firewalls from Palo Alto Networks. Using two (or even more) VPN tunnels, you need an automatic way to failover the traffic flow from one VPN…


Wireshark Feature Added: Connecting ICMP Errors

It’s really just a small thing, but very practical for me: In Wireshark, a feature request I submitted has been implemented. Now, when you click on an ICMP error, the corresponding (original) packet is highlighted. Previously, clicking on a packet belonging to a flow would…

