On Friday, December 10, 2021 at 4:15:01 PM UTC-5 Jeffrey Walton wrote:
> > I'm shutting down the web server until I get a grasp on the log4j 0-day > that is in the wild. At work we are seeing suspicious activity, like > servers scanning the network. We are not sure if it is related to the 0-day. > > Hopefully the shutdown will avoid an incident on our server and avoid a > server restore, if things go sideways. > > I hope the server will be back online Saturday afternoon. We will need to > wait for the Ubuntu devs to release the patch. > The server is back online. We set the following environmental variables per https://logging.apache.org/log4j/2.x/security.html : # Set variable for all users $ cat /etc/profile.d/02-log4j2-fix.sh # https://logging.apache.org/log4j/2.x/security.html export LOG4J_FORMAT_MSG_NO_LOOKUPS=true And: # Set variable for Apache $ cat /etc/apache2/envvars ... ## https://logging.apache.org/log4j/2.x/security.html LOG4J_FORMAT_MSG_NO_LOOKUPS=true It looks like it stuck: $ whoami jwalton $ printenv | grep LOG4J LOG4J_FORMAT_MSG_NO_LOOKUPS=true If anyone has feedback, then please share it. Jeff -- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/cryptopp-users/6d64c7b6-711b-44bf-b09d-c0194d50d40cn%40googlegroups.com.
