This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Lansweeper Credential-free Device Recognition - log4j

zbrantley
Engaged Sweeper

‎05-06-2022 12:06 AM

We use Palo Alto next generation firewalls and we've been receiving alerts that our Lansweeper server was trying to reach the following URL and IP address and it was flagged as being log4j traffic.

52.215.53.110
recognition.lansweeper.com

Has anyone else been seeing this? It is being caused by having Credential-free Device Recognition enabled.
Labels:
0 Kudos
2 REPLIES 2
zbrantley
Engaged Sweeper

‎05-06-2022 03:21 PM

Thanks for the list of URLs. My bigger concern is whether or not Lansweeper is vulnerable to log4j or is my Palo Alto blocking this traffic as a false positive?
0 Kudos
FrankSc
Lansweeper Tech Support
Lansweeper Tech Support

‎05-06-2022 11:37 AM

Zack Brantley wrote:
We use Palo Alto next generation firewalls and we've been receiving alerts that our Lansweeper server was trying to reach the following URL and IP address and it was flagged as being log4j traffic.

52.215.53.110
recognition.lansweeper.com

Has anyone else been seeing this? It is being caused by having Credential-free Device Recognition enabled.


Hi,
This is indeed caused by Credential-free device recognition. A full list of the URLs that are targeted can be found in the post below.
  • https://www.lansweeper.com/forum/yaf_postst21196_External-URL-s-used-by-Lansweeper.aspx#post67436
0 Kudos

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now