Share this page!

Javarevisited Profile picture
Twitter logo
13 Dec, 8 tweets, 3 min read
Log4j issue 101 Image
#Log4J 2.16.0 is out.

Fully disables all JNDI related functionality, and removes the lookups feature.
logging.apache.org/log4j/2.x/chan…
It's also time to use SLF4j so that you can switch logging libraries without any pain, I said this in 2013 though javarevisited.blogspot.com/2013/08/why-us…
And, time to revise some logging tips as well
javarevisited.blogspot.com/2011/05/top-10…
If you are looking for solution, I have shared a couple of them, both tactical and permanent solution here
javarevisited.blogspot.com/2021/12/what-i…
@UnrollThread
compile @threader
unroll @threadreaderapp

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Javarevisited

Javarevisited Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @javarevisited

Javarevisited Profile picture
12 Dec
With all the chaos going on, I thought to put some important info about Java Log4j issue
1. only version affected between >= 2.0 and <=2.14.1 are affected
2. If your application is not externally exposed, its low risk
3. version 2.15.0 of log4j released without this issue
A 🧵
JDK versions greater than 6u211, 7u201, 8u191, and 11.0.1 are not affected by the LDAP attack vector. In these versions com.sun.jndi.ldap.object.trustURLCodebase is set to false meaning JNDI cannot load remote code using LDAP.
Exploit Requirements
- A server with a vulnerable log4j version (listed above),
- an endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send the exploit string,
- and a log statement that logs out the string from that request.
Read 9 tweets
Javarevisited Profile picture
11 Dec
10 SQL Concepts every developer should learn
1. JOIN
2. GROUP BY
3. Window Function
4. Correlated subquery
5. Indexing
6. WHERE vs HAVING
7. UNION
8. Table Alias
9. Temp table
10. Functions

what would you add more into this list?

#SQL #Programming
And, if you need resource to learn these concepts well, I have shared some excellent SQL books here
java67.com/2016/09/sql-5-…
And, if you like courses, I have shared, both free and paid SQL courses for both beginners and intermediate devs
javarevisited.blogspot.com/2018/05/top-5-…
Read 9 tweets
Javarevisited Profile picture
10 Dec
10 System design concepts that can help you in coding interviews
1. Load Balancing
2. Caching
3. Data Partitioning
4. Indexes
5. Proxies
6. Redundancy and Replication
7. SQL vs. NoSQL
8. Distributed Systems
9. CAP Theorem
10.Consistent Hashing
#systemdesign #programming #design
And, if you need a resource to master system design, you can checkout Grokking the System Design on @EducativeInc
educative.io/courses/grokki…
And, if you need more choices, I have shared few more courses here
medium.com/javarevisited/…
Read 8 tweets
Javarevisited Profile picture
9 Dec
Design Patter cheat sheet
And, here are best books to learn Design patterns
medium.com/javarevisited/…
And, best online courses for design patterns
javarevisited.blogspot.com/2018/02/top-5-…
Read 7 tweets
Javarevisited Profile picture
25 Nov
Best Black Friday Deals for Developers
- 85% OFF on Udemy
- 63% OFF on Datacamp
- 50% OFF on Codecademy
- 40% OFF on Pluralsigh
- 1 $ Coursera Plus Offer
- Udacity Buy one Get one FREE
See the thread for details, links and discount coupon codes. #deals #BlackFriday #Devs
85% OFF on Udemy Courses
here is the link with discount -- bit.ly/3oLXYVG
63% OFF Datacamp black friday Deal
here is the link with discount - bit.ly/3nFPtw3
Read 22 tweets
Javarevisited Profile picture
21 Nov
Google Cloud Platform certification resources
- articles
- courses
- books
- guide
- certification
A thread 🧵
Top 10 Google Cloud Certifications You can Aim in 2021 - Best of Lot

Read more: java67.com/2021/01/top-10…
5 Free Courses to Crack Google Cloud Professional Data Engineer Certification Exam in 2021 - Best of Lot

Read more: java67.com/2020/10/5-free…
Read 23 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @javarevisited has new unrolls!

Check out other threads from @javarevisited!

Read all threads by @javarevisited

:(