[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-relays] Mitigating log4j exploits
Hiho,
we got a notice that currently several exploit attempts for the log4j
flaw going through Tor exit nodes und using LDAP. See
https://www.greynoise.io/viz/query/?gnql=tags%3A%22Apache%20Log4j%20RCE%20Attempt%22
The sender asked to do something against the currently running attacks.
One possibility is, in my opinion, rejecting connection over ports 389
and 636. What do you think? Should we as exit node operators block
connections over those LDAP ports for some amount of time?
Best,
qbi
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays