haveachin/infrared

Packet filter for log4j exploit

Closed this issue · 3 comments

Is your feature request related to a problem? Please describe.
To be absolutely sure the log4j exploit isn't going to work on any of the servers.

Describe the solution you'd like
TCPShield did a similar thing, I think, where they filtered packets containing usage of the log4j exploit.

Describe alternatives you've considered
It could be patched on the server for the server itself and the client separately.

Additional context
I know it's probably out of the scope of this project, but an RCE exploit is something exceptional, I think.

What packets did TCPShield filter? As far as I know they are not a man-in-the-middle proxy, so what can they even filter after encryption? I will look into this, maybe we could filter the username or something. But good that you mentioned it.

They say it in their Discord. They mentioned it's only for offline mode servers, but many networks have custom online mode anyway, so it wouldn't hurt to have something like this in Infrared.

That's interesting. I didn't know that they even officially supported offline networks. Well, Infrared doesn't support MITM at the moment, but we experimented with that a while back and decided to only "support" online servers for the time being. Not sure if there is anything that we could do then. I will close this for the time being and reopen it if anything comes up or MITM gets implemented.