Differences

This shows you the differences between two versions of the page.

--- paloaltonetworks:dns_security [2023/05/26 05:29] – [DNS Techniques] bstafford
+++ paloaltonetworks:dns_security [2025/08/29 13:27] (current) – [Details] bstafford
@@ Line 7: / Line 7: @@
 [[https://www.paloaltonetworks.com/apps/pan/public/downloadResource?pagePath=/content/pan/en_US/resources/datasheets/dns-security-service|DNS Security Data Sheet]]
+===== DoT/DoH =====
+PAN-OS 11.2.1 [[https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-networking-admin/dns/configure-a-dns-proxy-object|released the ability]] for DNS Proxy on PAN-OS to act as a DoT/DoH server and also forward on DoT/DoH.
 =====Data Sources=====
@@ Line 24: / Line 27: @@
   * Stops newly registered domains 6x faster than publicaly avaialble scanners
+New in mid 2025
+  * Detection of unknown C2 threats developed using the open source Sliver C2 framework (ATP)
+  * Enhanced Empire C2 deteciton
+  * Protection against DNS relaying attacks, also known as Data Exfiltration via HTTP request headers (ATP+ADNS)
+  * Domain Masquerading Detection, Malicious TDS Detection (ADNS)
+  * AI Categorization, Crypto Scam Detection, DeepFake Phishing Detection (AURL)
+  * Endpoint DLP
 =====URL Categories Blockable=====
@@ Line 39: / Line 49: @@
 ===== DNS Techniques =====
   * Dangling DNS (PAN only)
+  * WildCard DNS (PAN only)
+  * NXNS Attack (PAN only)
+  * CNAME Cloaking
+  * Ultra-Slow DNS Tunneling
   * Data Theft
   * DNS Tunneling
@@ Line 44: / Line 58: @@
   * Compromised DNS Zone
   * DNS Rebinding
-  * WildCard DNS (PAN only)
-  * NXNS Attack (PAN only)
-  * CNAME Cloaking (PAN only)
   * Strategically Aged Domains
   * Domain Squating
@@ Line 54: / Line 65: @@
   * DNS Rebinding Attacks
   * Dangling SNA Attacks
-  * Dictionary DGA
-  * Ultra-Slow DNS Tunneling