Anything from Zenarmor/Sensei for Log4Shell?

Started by lrosenman, December 18, 2021, 12:49:27 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 18, 2021, 12:49:27 AM
With the latest fun & frolic from Log4Shell, is/are there any rules/help from Sensei/Zenarmor?
December 18, 2021, 07:20:59 AM #1
Hi,

Elasticsearch package is updated to the 5.6.8_6. You need to run OPNsense update.
December 18, 2021, 07:28:09 AM #2
Quote from: sy on December 18, 2021, 07:20:59 AM
Hi,

Elasticsearch package is updated to the 5.6.8_6. You need to run OPNsense update.

Great, many thanks @sy!
Update went fine, everything OK so far.
December 18, 2021, 07:42:20 AM #3
I was more thinking about blocking attempts to exploit the vulnerability. But thanks for the info on ElasticSearch.  I'm using a remote ES.  And I updated OPNsense.
December 20, 2021, 06:33:36 AM #4
Now updated to elasticsearch5-5.6.8_7
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
December 20, 2021, 09:39:18 PM #5
Anything at all on rules/waf side?
December 21, 2021, 04:58:02 AM #6
Quote from: lrosenman on December 20, 2021, 09:39:18 PM
Anything at all on rules/waf side?
Zenarmor is primarily used to protect client traffic. AFAIK it's not meant to be a WAF. You should probably look into Suricata for this.
Print
Go Up Pages1
User actions