top of page
  • rajesh273

Log4j steps

Updated December 16th, 2021

Short Log4j attack mitigation steps :

0. Update to the latest version of log4j version 2.17 or higher

1. Block with WAF [not the best but a first step]

2. Disable log4j

3. Patch log4j <<<< IMMEDIATELY >>> >>> use log4j 2.16.0 or higher

4. Disable JNDI lookups

5. Disable remote codebases

6. Check exploitation attempts

7. Check network perimeter logs to check for indicators of compromise

8. Configure your IDS to detect attack attempts

9. Restrict or disable outbound connections.

The Swiss government Cert published the best guidelines:

7 views0 comments

Recent Posts

See All

The latest White House development in cryptocurrencies, Executive Order (EO)on Ensuring Responsible Development of Digital Assets, is geared towards bringing the world of blockchain in general, and c

bottom of page