Jump to content

Log4J2 Protection Question

Trooper

By Trooper
in ESET Endpoint Products

 Share

Recommended Posts

  • ESET Insiders
Trooper

Trooper 65

Posted
  • ESET Insiders
Posted

Hi everyone,

As per this article, https://support.eset.com/en/alert8188-information-regarding-the-log4j2-vulnerability it states that if we have Network Attack Protection enabled we are protected.  I have that enabled but I do not use the ESET firewall.  See picture here.

I need to know if we are still protected, or do we need to use the ESET firewall in conjunction with Network Attack Protection to be secure for the Log4J2 exploit?

Thanks!

image.thumb.png.b598e479f2266606c992d3f53a43e145.png

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted (edited)

An Eset moderator will have to confirm 100% if firewall is required.

Based on what is shown here:

Quote

Network attack protection (IDS) – Analyzes the content of network traffic and protects from network attacks. Any traffic which is considered harmful will be blocked. ESET Endpoint Security will inform you when you connect to an unprotected wireless network or a network with weak protection.

https://help.eset.com/ees/9/en-US/idh_config_epfw_ids_rules.html?idh_page_epfw_settings.html

My opinion based on the above is the firewall is required. Note what I underlined. That protection is based on Network Inspection processing which is part of the Eset firewall protection.

Edited by itman
Link to comment
Share on other sites
  • ESET Insiders
Trooper

Trooper 65

Posted
  • Author
  • ESET Insiders
Posted

Thanks to you both.  Now how can I setup notifications to be notified of this on an endpoint and/or server?

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted
17 hours ago, Trooper said:

In addition, would there be a way to test the notification?  Thanks.

You would have to simulate an actual attack to get a notification about security vulnerability exploitation attempt.

Link to comment
Share on other sites
  • ESET Insiders
Trooper

Trooper 65

Posted
  • Author
  • ESET Insiders
Posted
18 minutes ago, Marcos said:

You would have to simulate an actual attack to get a notification about security vulnerability exploitation attempt.

Got you.  Do you know what specific notification would need to be enabled on the endpoint?

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...