PAN-OS CLI Quick Start
    : CLI Cheat Sheet: CTD Evasion Detection
    Focus
    Download PDF
    Focus
    1. Home
    2. PAN-OS
    3. PAN-OS CLI Quick Start
    4. CLI Cheat Sheets
    5. CLI Cheat Sheet: CTD Evasion Detection
    Download PDF

    PAN-OS CLI Quick Start

    CLI Cheat Sheet: CTD Evasion Detection

    Table of Contents

    CLI Cheat Sheet: CTD Evasion Detection

    Use the following table to quickly locate commands for CLI commands related to CTD (content and threat detection engine) fail-close behavior.
    These CLI commands are typically used for internal testing purposes or under the guidance of Palo Alto Networks Support.
    If you want to ...
    Use ...
    • Block the session if decoding errors occur while decoding Base64 encoded traffic.
    		 
    > set system setting ctd block-on-base64-decode-error enable
    • Block the session if decoding errors occur while decoding BDAT-Chunk traffic.
    		 
    > set system setting ctd block-on-bdat-chunk-decode-error enable
    • Block the session if decoding errors occur while decoding chunked transfer encoded traffic.
    		 
    > set system setting ctd block-on-chunk-decode-error enable
    • Block the session if decoding errors occur while decoding quoted-printable encoded traffic.
    		 
    > set system setting ctd block-on-qp-decode-error enable
    • Block the session if decoding errors occur while decoding UTF encoded traffic.
    		 
    > set system setting ctd block-on-utf-decode-error enable
    • Block the session if decoding errors occur while decoding uuencoded traffic.
    		 
    > set system setting ctd block-on-uu-decode-error enable
    • Block the session if decoding errors occur while decoding zip encoded traffic.
    		 
    > set system setting ctd block-on-zip-decode-error enable

    © 2024 Palo Alto Networks, Inc. All rights reserved.