Counter Intelligence via Palo Alto Networks

As an aside from most posts found here, I found a fair amount of unusual traffic recently. Last week I ended up looking up some models of Palo Alto firewalls and even downloaded a smartphone application of theirs. Nothing really out of the ordinary until this past Wednesday, when I saw a large influx of traffic to the site.

Site Hits

In the above graphic you can see a large influx of probing hits coming from Palo Alto Networks. I can only assume, per other farming tactics I’ve seen in the past, that the data flows as follows.

  1. You visit Vendor XYZ’s site
  2. Vendor XYZ parses their website logs looking for those users who are making multiple queries against the products portion of the company site
  3. Vendor XYZ performs a bot query hitting up the site client’s IP to see if there is a website and if contact information can be captured
  4. A follow-up script takes the results and, if enough information is captured, forwards it to the pre-sales department
  5. My phone rings

Really? Do you think I’ll buy a PA-5050 or PA-5060 because you cold-call me mysteriously after I visit your website?
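To spot this kind of influx in your own access logs, the following added example (not part of the original post) groups requests by source /24 and day and flags any day whose count far exceeds that network's median. The log lines, addresses (documentation ranges, not any vendor's real address space), dates, thresholds and function names are all constructed assumptions.

```python
import ipaddress
import re
from collections import Counter, defaultdict
from statistics import median

# Client address and day from a combined-format access log line.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[(\d{2}/\w{3}/\d{4}):')

def hits_by_network_and_day(lines, prefix=24):
    """Count requests per source network and per day."""
    counts = defaultdict(Counter)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # malformed line
        try:
            net = ipaddress.ip_network(f"{m.group(1)}/{prefix}", strict=False)
        except ValueError:
            continue  # client field is a hostname or garbage
        counts[net][m.group(2)] += 1
    return counts

def find_bursts(counts, days, factor=5, min_hits=20):
    """Return (network, day, hits) where hits > factor x that network's median day."""
    bursts = []
    for net, per_day in counts.items():
        series = [per_day.get(d, 0) for d in days]
        baseline = max(median(series), 1)  # avoid a zero baseline for rare visitors
        for day, hits in zip(days, series):
            if hits >= min_hits and hits > factor * baseline:
                bursts.append((str(net), day, hits))
    return sorted(bursts)

def constructed_sample():
    """Constructed log: steady readers from one /24, a one-day crawl from another."""
    days = [f"{d:02d}/Jan/2024" for d in range(1, 5)]
    fmt = '{ip} - - [{day}:12:00:00 +0000] "GET {path} HTTP/1.1" 200 512 "-" "-"'
    lines = ["not a log line"]
    for day in days:
        lines += [fmt.format(ip=f"192.0.2.{i}", day=day, path="/") for i in range(1, 9)]
        lines.append(fmt.format(ip="198.51.100.7", day=day, path="/contact"))
    lines += [fmt.format(ip=f"198.51.100.{i}", day=days[2], path=f"/page{i}")
              for i in range(1, 41)]
    return days, lines

if __name__ == "__main__":
    days, lines = constructed_sample()
    for net, day, hits in find_bursts(hits_by_network_and_day(lines), days):
        print(f"{day}: {hits} hits from {net}")
```

A whois lookup on each flagged network then tells you which organisation owns the addresses behind the burst.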

