→ The Lansweeper Customer Excellence Awards 2024 - Submit Your Project Now! Learn More & Enter Here

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
zbrantley
Engaged Sweeper
We use Palo Alto next generation firewalls and we've been receiving alerts that our Lansweeper server was trying to reach the following URL and IP address and it was flagged as being log4j traffic.

52.215.53.110
recognition.lansweeper.com

Has anyone else been seeing this? It is being caused by having Credential-free Device Recognition enabled.
2 REPLIES 2
zbrantley
Engaged Sweeper
Thanks for the list of URLs. My bigger concern is whether or not Lansweeper is vulnerable to log4j or is my Palo Alto blocking this traffic as a false positive?
FrankSc
Lansweeper Tech Support
Lansweeper Tech Support
Zack Brantley wrote:
We use Palo Alto next generation firewalls and we've been receiving alerts that our Lansweeper server was trying to reach the following URL and IP address and it was flagged as being log4j traffic.

52.215.53.110
recognition.lansweeper.com

Has anyone else been seeing this? It is being caused by having Credential-free Device Recognition enabled.


Hi,
This is indeed caused by Credential-free device recognition. A full list of the URLs that are targeted can be found in the post below.
  • https://www.lansweeper.com/forum/yaf_postst21196_External-URL-s-used-by-Lansweeper.aspx#post67436