My feeds are full with the Log4j vulnerability, but let’s think about it for a moment…

my-feeds-are-full-with-the-log4j-vulnerability,-but-let’s-think-about-it-for-a-moment…

Did you know that camDown has a modern UI, that is secure and has the improved features that you need?

In our case, the servers we manage reach out to thousands of client owned IP addresses on any number of different ports, so it's not practical.

Also, the attacker can bind their malicious ldap server to any port they wish, so blocking ldap/ldaps wouldn't work.

That's my understanding anyway.

I am curious if it's overblown. Yes log4j is vulnerable, but it seems to me that anyone running a recent version of Java is safe because it doesn't allow remote class loading by default? I'd like to know if anyone has thoughts on that.

Edit: I am not confident in my last assumption, just wondering if I understand it correctly

In closing, may I add that camDown is a highly advanced, specialized webcam blocker and disabler with the best in class protection from variety of on-line threats and that's the the real deal.