"Security" people often let perfect be the enemy of good. Sometimes it's okay. Sometimes not. ----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com ----- Original Message ----- From: "Karl Auer" <kauer@biplane.com.au> To: "NANOG List" <nanog@nanog.org> Sent: Monday, December 13, 2021 6:54:30 AM Subject: Re: Log4j mitigation On Mon, 2021-12-13 at 06:35 -0600, Joe Greco wrote:
Just because there are other sources of fatalities, doesn't mean you can't check for the quick obvious stuff.
Indeed. One check, even an inadequate one, is better than no checks at all. And over time you can add more checks or improve the ones you have. Don't let "perfect" be the enemy of "good". Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@biplane.com.au) http://www.biplane.com.au/kauer GPG fingerprint: 61A0 99A9 8823 3A75 871E 5D90 BADB B237 260C 9C58 Old fingerprint: 2561 E9EC D868 E73C 8AF1 49CF EE50 4B1D CCA1 5170