Text only | Text with Images

OPNsense Forum

English Forums => Zenarmor (Sensei) => Topic started by: lrosenman on December 18, 2021, 12:49:27 AM

Title: Anything from Zenarmor/Sensei for Log4Shell?
Post by: lrosenman on December 18, 2021, 12:49:27 AM
With the latest fun & frolic from Log4Shell, is/are there any rules/help from Sensei/Zenarmor?
Title: Re: Anything from Zenarmor/Sensei for Log4Shell?
Post by: sy on December 18, 2021, 07:20:59 AM
Hi,

Elasticsearch package is updated to the 5.6.8_6. You need to run OPNsense update.
Title: Re: Anything from Zenarmor/Sensei for Log4Shell?
Post by: athurdent on December 18, 2021, 07:28:09 AM
Quote from: sy on December 18, 2021, 07:20:59 AM
Hi,

Elasticsearch package is updated to the 5.6.8_6. You need to run OPNsense update.

Great, many thanks @sy!
Update went fine, everything OK so far.
Title: Re: Anything from Zenarmor/Sensei for Log4Shell?
Post by: lrosenman on December 18, 2021, 07:42:20 AM
I was more thinking about blocking attempts to exploit the vulnerability. But thanks for the info on ElasticSearch.  I'm using a remote ES.  And I updated OPNsense.
Title: Re: Anything from Zenarmor/Sensei for Log4Shell?
Post by: almodovaris on December 20, 2021, 06:33:36 AM
Now updated to elasticsearch5-5.6.8_7
Title: Re: Anything from Zenarmor/Sensei for Log4Shell?
Post by: lrosenman on December 20, 2021, 09:39:18 PM
Anything at all on rules/waf side?
Title: Re: Anything from Zenarmor/Sensei for Log4Shell?
Post by: athurdent on December 21, 2021, 04:58:02 AM
Quote from: lrosenman on December 20, 2021, 09:39:18 PM
Anything at all on rules/waf side?
Zenarmor is primarily used to protect client traffic. AFAIK it's not meant to be a WAF. You should probably look into Suricata for this.
Text only | Text with Images