Fundraising complete, next renewal is August 2022. Paypal Donation Links US dollars CDN Dollars

log4j

For general computer discussion & help, come here

Moderators: EvilHomer3k, Bakhtosh

Post Reply
User avatar
Jaymon
Posts: 2549
Joined: Wed Sep 10, 2008 12:51 pm

log4j

Post by Jaymon »

Damn you log4j. This was supposed to be a nice and slack week. easy easy, nobody at work, just watch some videos and eat christmas cookies. but noooo, somebody had to go and vulnerability the entire god damn internet, and now I have to work my ass off.

stupid hackers, we hates them.
Bunnies like beer because its made from hops.
User avatar
telcta
Posts: 918
Joined: Mon Dec 20, 2004 3:47 pm
Location: Connecticut

Re: log4j

Post by telcta »

It was this time last year I was wrapping up my job and retiring. I can't imagine getting hit with this now during the holidays. We have a few products that have log4j heavily embedded... my co-worker has basically shut everything down and will only run some services when using a VPN.

He said the only good thing that came out of this is: https://log4jmemes.com/

This would be me...
Enlarge Image
User avatar
hepcat
Posts: 44472
Joined: Wed Oct 13, 2004 3:02 pm
Location: Chicago, IL Home of the triple homicide!

Re: log4j

Post by hepcat »

I’ve deployed updated war files twice in 3 days over this exploit. Thankfully, we’re moving away from deployments using log4j though, so it’s just some legacy systems.
I beat a camel to death with a monkey. Can I do that?
-Mr Bismarck

You have to whack a few rabbits before you are ready to punch a camel.
-Coopasonic
User avatar
Zaxxon
Forum Moderator
Posts: 25610
Joined: Wed Oct 13, 2004 12:11 am
Location: Surrounded by Mountains

Re: log4j

Post by Zaxxon »

It's a pain in the ass.
User avatar
coopasonic
Posts: 18826
Joined: Fri Mar 04, 2005 11:43 pm
Location: Dallas-ish

Re: log4j

Post by coopasonic »

Yup, last week was supposed to be the quiet week, after the implementation freeze and before everyone started their vacations. Haha, nah, how about one of the biggest fire drills we have ever seen instead?

Jenkins was crying for mercy all week.
-Coop
Black Lives Matter
malchior
Posts: 18556
Joined: Wed Oct 13, 2004 12:58 pm

Re: log4j

Post by malchior »

The good thing is we got to practice updating it multiple times. It has to be finally fixed now, right? :doh:
User avatar
hitbyambulance
Posts: 8850
Joined: Wed Oct 13, 2004 3:51 am
Location: Map Ref 47.6°N 122.35°W
Contact:

Re: log4j

Post by hitbyambulance »

i remember using this in my Java certification class
User avatar
gilraen
Posts: 3394
Joined: Wed Sep 04, 2013 7:45 pm
Location: Broomfield, CO

Re: log4j

Post by gilraen »

The Apache library version that we use in our software is so old, it's actually not affected by the exploit. Win!
User avatar
naednek
Posts: 9973
Joined: Tue Oct 19, 2004 9:23 pm

Re: log4j

Post by naednek »

gilraen wrote: Wed Dec 22, 2021 3:06 pm The Apache library version that we use in our software is so old, it's actually not affected by the exploit. Win!
hah same boat here.

Our linux guy is soaking that up.

We have found 30 + servers so far.
hepcat - "I agree with Naednek"
User avatar
Pyperkub
Posts: 21245
Joined: Mon Dec 13, 2004 5:07 pm
Location: NC- that's Northern California

Re: log4j

Post by Pyperkub »

Jaymon wrote:Damn you log4j. This was supposed to be a nice and slack week. easy easy, nobody at work, just watch some videos and eat christmas cookies. but noooo, somebody had to go and vulnerability the entire god damn internet, and now I have to work my ass off.

stupid hackers, we hates them.
Last year it was the SolarWinds hack. The slack weeks around the holidays don't apply anymore.
Black Lives definitely Matter Lorini!

Also: There are three ways to not tell the truth: lies, damned lies, and statistics.
Post Reply