
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-06-2022 12:06 AM
We use Palo Alto next generation firewalls and we've been receiving alerts that our Lansweeper server was trying to reach the following URL and IP address and it was flagged as being log4j traffic.
52.215.53.110
recognition.lansweeper.com
Has anyone else been seeing this? It is being caused by having Credential-free Device Recognition enabled.
52.215.53.110
recognition.lansweeper.com
Has anyone else been seeing this? It is being caused by having Credential-free Device Recognition enabled.
Labels:
- Labels:
-
General Discussion
2 REPLIES 2

Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-06-2022 03:21 PM
Thanks for the list of URLs. My bigger concern is whether or not Lansweeper is vulnerable to log4j or is my Palo Alto blocking this traffic as a false positive?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-06-2022 11:37 AM
Zack Brantley wrote:
We use Palo Alto next generation firewalls and we've been receiving alerts that our Lansweeper server was trying to reach the following URL and IP address and it was flagged as being log4j traffic.
52.215.53.110
recognition.lansweeper.com
Has anyone else been seeing this? It is being caused by having Credential-free Device Recognition enabled.
Hi,
This is indeed caused by Credential-free device recognition. A full list of the URLs that are targeted can be found in the post below.
- https://www.lansweeper.com/forum/yaf_postst21196_External-URL-s-used-by-Lansweeper.aspx#post67436
