Log4j mitigation

• Previous message (by thread): Log4j mitigation
• Next message (by thread): Log4j mitigation
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Dec 13, 2021 at 01:12:25PM +0100, J??rg Kost wrote:
> Yes, but it won't change the outcome. We shall run with assuming breach 
> paradigm. In this scenario, it might be useless looking around for port 
> 389 only; it can give you a wrong assumption.

That's like arguing that it isn't worth having a canary in the coal
mine.  Which, come to think of it, was implicitly the point of the
message I sent that you're replying to as well.  Just because there
are other sources of fatalities, doesn't mean you can't check for
the quick obvious stuff.  In my experience, this tends to reveal
issues that might have been forgotten or never known about to begin
with.  Most organizations have a variety of zombie legacy systems
that were set up by people on staff several generations ago.

The more tools at your disposal to identify breached systems, the
better.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"The strain of anti-intellectualism has been a constant thread winding its way
through our political and cultural life, nurtured by the false notion that
democracy means that 'my ignorance is just as good as your knowledge.'"-Asimov

• Previous message (by thread): Log4j mitigation
• Next message (by thread): Log4j mitigation
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]