nanog mailing list archives
Re: Log4j mitigation
From: Mike Hammett <nanog () ics-il net>
Date: Mon, 13 Dec 2021 08:01:28 -0600 (CST)
"Security" people often let perfect be the enemy of good. Sometimes it's okay. Sometimes not. ----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com ----- Original Message ----- From: "Karl Auer" <kauer () biplane com au> To: "NANOG List" <nanog () nanog org> Sent: Monday, December 13, 2021 6:54:30 AM Subject: Re: Log4j mitigation On Mon, 2021-12-13 at 06:35 -0600, Joe Greco wrote:
Just because there are other sources of fatalities, doesn't mean you can't check for the quick obvious stuff.
Indeed. One check, even an inadequate one, is better than no checks at all. And over time you can add more checks or improve the ones you have. Don't let "perfect" be the enemy of "good". Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer () biplane com au) http://www.biplane.com.au/kauer GPG fingerprint: 61A0 99A9 8823 3A75 871E 5D90 BADB B237 260C 9C58 Old fingerprint: 2561 E9EC D868 E73C 8AF1 49CF EE50 4B1D CCA1 5170
Current thread:
- Re: Log4j mitigation, (continued)
- Re: Log4j mitigation Jörg Kost (Dec 13)
- Re: Log4j mitigation Joe Greco (Dec 13)
- Re: Log4j mitigation Jörg Kost (Dec 13)
- Re: Log4j mitigation Joe Greco (Dec 13)
- Re: Log4j mitigation Karl Auer (Dec 13)
- Re: Log4j mitigation bofh139 (Dec 13)
- Re: Log4j mitigation Hank Nussbacher (Dec 13)
- Re: Log4j mitigation Karl Auer (Dec 13)
- RE: Log4j mitigation Jean St-Laurent via NANOG (Dec 13)
- Re: Log4j mitigation A Crisan (Dec 13)
- Re: Log4j mitigation Mike Hammett (Dec 13)
- Re: Log4j mitigation Karl Auer (Dec 13)
- Re: Log4j mitigation Andy Ringsmuth (Dec 13)
- Re: Log4j mitigation Doug McIntyre (Dec 14)
- Re: Log4j mitigation Tyler Conrad (Dec 14)
- Re: Log4j mitigation Owen DeLong via NANOG (Dec 14)
- Re: Log4j mitigation Owen DeLong via NANOG (Dec 15)