: CLI Cheat Sheet: CTD Evasion Detection
Focus
Focus

CLI Cheat Sheet: CTD Evasion Detection

Table of Contents

CLI Cheat Sheet: CTD Evasion Detection

Use the following table to quickly locate commands for CLI commands related to CTD (content and threat detection engine) fail-close behavior.
These CLI commands are typically used for internal testing purposes or under the guidance of Palo Alto Networks Support.
If you want to ...
Use ...
  • Block the session if decoding errors occur while decoding Base64 encoded traffic.
> set system setting ctd block-on-base64-decode-error enable
  • Block the session if decoding errors occur while decoding BDAT-Chunk traffic.
> set system setting ctd block-on-bdat-chunk-decode-error enable
  • Block the session if decoding errors occur while decoding chunked transfer encoded traffic.
> set system setting ctd block-on-chunk-decode-error enable
  • Block the session if decoding errors occur while decoding quoted-printable encoded traffic.
> set system setting ctd block-on-qp-decode-error enable
  • Block the session if decoding errors occur while decoding UTF encoded traffic.
> set system setting ctd block-on-utf-decode-error enable
  • Block the session if decoding errors occur while decoding uuencoded traffic.
> set system setting ctd block-on-uu-decode-error enable
  • Block the session if decoding errors occur while decoding zip encoded traffic.
> set system setting ctd block-on-zip-decode-error enable