This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Testing Log4J with AWS Cloud NGFW

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Testing Log4J with AWS Cloud NGFW

Go to solution
mderaet
L2 Linker

‎07-20-2022 01:31 AM

Hi,

 

what is the curl command in AWS EC2 to test if Log4J is well blocked by my AWS Cloud NGFW?

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
dtaneja
L3 Networker
In response to mderaet

‎07-25-2022 10:27 AM

Hello @mderaet

Greetings from Palo Alto Networks!

 

Log4j attack is blocked by default in CloudNGFW please make sure your CloudNGFW security profiles are set to Enabled (Best Practice).

 

 

Please refer to the below link for your reference.

https://docs.paloaltonetworks.com/cloud-ngfw/aws/cloud-ngfw-on-aws/rules-and-rulestacks/security-pro...

 

Regards,
Devanshu Taneja
Product specialist
Palo Alto Networks
https://live.paloaltonetworks.com/t5/cloud-ngfw-help-center/ct-p/Cloud_NGFW
*Don’t forget to accept the solution provided!*
 

View solution in original post

7 REPLIES 7

Go to solution
dtaneja
L3 Networker

‎07-20-2022 12:10 PM - edited ‎07-20-2022 12:23 PM

Hello @mderaet
 

Greetings from Palo Alto Networks!

 

I saw your post and here is the curl command please make changes based on your environment IP address. 



Below is the video link which explains CloudNGFW implementation against the Log4j attack.

https://youtu.be/OovXk4WF7vs


Regards,
Devanshu Taneja
Product specialist
Palo Alto Networks
https://live.paloaltonetworks.com/t5/cloud-ngfw-help-center/ct-p/Cloud_NGFW
*Don’t forget to accept the solution provided!*

0 Likes Likes

Go to solution
mderaet
L2 Linker
In response to dtaneja

‎07-21-2022 01:24 AM

Hey Taneja,

 

that would be lovely if I can copy the command as it is not possible. It seems you gave me a picture?

0 Likes Likes

Go to solution
dtaneja
L3 Networker
In response to mderaet

‎07-21-2022 09:29 AM

Hello @mderaet

 

Greetings from Palo Alto Networks!

 

I apologize I was having an issue pasting the command here.

 

Please find the pdf file attached to this post which contains the curl command and please make changes in the command based on your environment IP address.

 

Below is the video link which explains CloudNGFW implementation against the Log4j attack.

https://youtu.be/OovXk4WF7vs

 

Regards,
Devanshu Taneja
Product specialist
Palo Alto Networks
https://live.paloaltonetworks.com/t5/cloud-ngfw-help-center/ct-p/Cloud_NGFW
*Don’t forget to accept the solution provided!*

Preview file
28 KB
0 Likes Likes

Go to solution
mderaet
L2 Linker
In response to dtaneja

‎07-23-2022 04:54 AM

Hey Taneja,

it does not work

So I would like to open a support case (I have premium support) and have a zoom meeting monday to solve this.

Thanks

0 Likes Likes

Go to solution
mderaet
L2 Linker

‎07-23-2022 04:55 AM

I would like to give you more details on this but impossible with the chat box here.

0 Likes Likes

Go to solution
mderaet
L2 Linker

‎07-23-2022 07:05 AM

Hi

 

I launched this curl to an external web server (a colleague of mine) and the curl is successfull!!

 

In cloudwatch I can see the rule which allows this curl..  Isnt Log4J attack blocked by default?

 

Please advise

0 Likes Likes

Go to solution
dtaneja
L3 Networker
In response to mderaet

‎07-25-2022 10:27 AM

Hello @mderaet

Greetings from Palo Alto Networks!

 

Log4j attack is blocked by default in CloudNGFW please make sure your CloudNGFW security profiles are set to Enabled (Best Practice).

 

 

Please refer to the below link for your reference.

https://docs.paloaltonetworks.com/cloud-ngfw/aws/cloud-ngfw-on-aws/rules-and-rulestacks/security-pro...

 

Regards,
Devanshu Taneja
Product specialist
Palo Alto Networks
https://live.paloaltonetworks.com/t5/cloud-ngfw-help-center/ct-p/Cloud_NGFW
*Don’t forget to accept the solution provided!*
 

  • 1 accepted solution
  • 7545 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks