top of page
  • Writer's pictureRajesh Kanungo
    • Jan 30, 2022
    • 1 min read

Log4j steps

Updated December 16th, 2021

Short Log4j attack mitigation steps :

0. Update to the latest version of log4j version 2.17 or higher

1. Block with WAF [not the best but a first step]

2. Disable log4j

3. Patch log4j <<<< IMMEDIATELY >>> >>> use log4j 2.16.0 or higher

4. Disable JNDI lookups

5. Disable remote codebases

6. Check exploitation attempts

7. Check network perimeter logs to check for indicators of compromise

8. Configure your IDS to detect attack attempts

9. Restrict or disable outbound connections.

The Swiss government Cert published the best guidelines:

7 views0 comments

Recent Posts

See All

Cryptocurrency: the US tries to legitimize it

The latest White House development in cryptocurrencies, Executive Order (EO)on Ensuring Responsible Development of Digital Assets, is geared towards bringing the world of blockchain in general, and c

bottom of page