Differences

This shows you the differences between two versions of the page.

--- paloaltonetworks:dns_security [2023/01/04 12:20] – bstafford
+++ paloaltonetworks:dns_security [2025/08/29 13:27] (current) – [Details] bstafford
@@ Line 7: / Line 7: @@
 [[https://www.paloaltonetworks.com/apps/pan/public/downloadResource?pagePath=/content/pan/en_US/resources/datasheets/dns-security-service|DNS Security Data Sheet]]
+===== DoT/DoH =====
+PAN-OS 11.2.1 [[https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-networking-admin/dns/configure-a-dns-proxy-object|released the ability]] for DNS Proxy on PAN-OS to act as a DoT/DoH server and also forward on DoT/DoH.
 =====Data Sources=====
@@ Line 24: / Line 27: @@
   * Stops newly registered domains 6x faster than publicaly avaialble scanners
+New in mid 2025
+  * Detection of unknown C2 threats developed using the open source Sliver C2 framework (ATP)
+  * Enhanced Empire C2 deteciton
+  * Protection against DNS relaying attacks, also known as Data Exfiltration via HTTP request headers (ATP+ADNS)
+  * Domain Masquerading Detection, Malicious TDS Detection (ADNS)
+  * AI Categorization, Crypto Scam Detection, DeepFake Phishing Detection (AURL)
+  * Endpoint DLP
-====URL Categories Blockable====
+=====URL Categories Blockable=====
   * Ad Tracking
   * Command and Control
@@ Line 36: / Line 46: @@
   * Phishing
   * Proxy Avoidance & Anonymizers
+===== DNS Techniques =====
+  * Dangling DNS (PAN only)
+  * WildCard DNS (PAN only)
+  * NXNS Attack (PAN only)
+  * CNAME Cloaking
+  * Ultra-Slow DNS Tunneling
+  * Data Theft
+  * DNS Tunneling
+  * DNS Infiltration
+  * Compromised DNS Zone
+  * DNS Rebinding
+  * Strategically Aged Domains
+  * Domain Squating
+  * Domain Generation Algorithm (DGA)
+  * Dictionary DGA
+  * Fast Flux Domains
+  * DNS Rebinding Attacks
+  * Dangling SNA Attacks