paloaltonetworks:dns_security

Differences

This shows you the differences between two versions of the page.

paloaltonetworks:dns_security [2023/01/04 12:21] bstaffordpaloaltonetworks:dns_security [2025/08/29 13:27] (current) – [Details] bstafford
Line 7: Line 7:
  
 [[https://www.paloaltonetworks.com/apps/pan/public/downloadResource?pagePath=/content/pan/en_US/resources/datasheets/dns-security-service|DNS Security Data Sheet]] [[https://www.paloaltonetworks.com/apps/pan/public/downloadResource?pagePath=/content/pan/en_US/resources/datasheets/dns-security-service|DNS Security Data Sheet]]
 +===== DoT/DoH =====
 +PAN-OS 11.2.1 [[https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-networking-admin/dns/configure-a-dns-proxy-object|released the ability]] for DNS Proxy on PAN-OS to act as a DoT/DoH server and also forward on DoT/DoH.
 +
  
 =====Data Sources===== =====Data Sources=====
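Review bot: the added DoT/DoH line names PAN-OS 11.2.1 as the release, but the link it cites points into the pan-os/11-1 documentation tree, so the text and its reference disagree on the version. Confirm which release introduced the feature and make the version number and the link match. "forward on DoT/DoH" would also read more clearly as a statement that the proxy forwards queries upstream over DoT/DoH, and a sentence on why this belongs on the DNS Security page would help readers.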
Line 24: Line 27:
   * Stops newly registered domains 6x faster than publicaly avaialble scanners   * Stops newly registered domains 6x faster than publicaly avaialble scanners
  
 +New in mid 2025
  
 +  * Detection of unknown C2 threats developed using the open source Sliver C2 framework (ATP)
 +  * Enhanced Empire C2 deteciton
 +  * Protection against DNS relaying attacks, also known as Data Exfiltration via HTTP request headers (ATP+ADNS)
 +  * Domain Masquerading Detection, Malicious TDS Detection (ADNS)
 +  * AI Categorization, Crypto Scam Detection, DeepFake Phishing Detection (AURL)
 +  * Endpoint DLP
  
 =====URL Categories Blockable===== =====URL Categories Blockable=====
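Review bot: the "New in mid 2025" list has no source link, and the tags (ATP), (ADNS) and (AURL) are never expanded, while "Endpoint DLP" carries no tag at all. Add a reference for the list, spell out each subscription on first use, and tag or explain the DLP entry. "deteciton" in the Empire C2 item is a typo, and the unchanged line above the list still reads "publicaly avaialble". The item that glosses DNS relaying attacks as "Data Exfiltration via HTTP request headers" names two different protocols and needs a citation or a clearer description.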
Line 38: Line 48:
  
 ===== DNS Techniques ===== ===== DNS Techniques =====
-  * Dangling DNS+  * Dangling DNS (PAN only) 
 +  * WildCard DNS (PAN only) 
 +  * NXNS Attack (PAN only) 
 +  * CNAME Cloaking 
 +  * Ultra-Slow DNS Tunneling
   * Data Theft   * Data Theft
-  * WildCard DNS 
   * DNS Tunneling   * DNS Tunneling
   * DNS Infiltration   * DNS Infiltration
   * Compromised DNS Zone   * Compromised DNS Zone
   * DNS Rebinding   * DNS Rebinding
-  * WildCard DNS 
-  * NXNS Attack 
-  * CNAME Cloaking 
   * Strategically Aged Domains   * Strategically Aged Domains
   * Domain Squating   * Domain Squating
   * Domain Generation Algorithm (DGA)   * Domain Generation Algorithm (DGA)
   * Dictionary DGA   * Dictionary DGA
-  * DNS Tunneling +  * Fast Flux Domains 
-  * Fast Flus Domains +  * DNS Rebinding Attacks 
-  * DNS REbinding Attacks +  * Dangling SNA Attacks
-  * Danglin SNA Attacks +
-  * CNAME Cloaking +
-  * Dictionary DGA +
-  * Ultra-Slow DNS Tunneling+
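Review bot: the de-duplication of the DNS Techniques list is incomplete: the added "DNS Rebinding Attacks" repeats the unchanged "DNS Rebinding" entry a few lines above it, so one of the two should go. "Dangling SNA Attacks" corrects "Danglin" but keeps "SNA", which nothing on the page defines; confirm the intended term, given that the list already opens with "Dangling DNS". The "(PAN only)" qualifier on three entries needs a one-line explanation or a source for what it is being compared against, and "Domain Squating" in the unchanged lines is still misspelled.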
paloaltonetworks/dns_security.1672834910.txt.gz · Last modified: by bstafford