Friday Rant

---

Friday Rant

Back in 2011, at the company where I worked, we bought our first “next-gen firewall” — Palo Alto Networks. We were so proud, finally writing rules by application instead of “ip:port”.

Who would’ve thought that, fifteen years later, I’d be the one saying: “please open ports 22, 135, 137, 445, 6324, 10023… from IP X to IP Y.”

Thinking about how sophisticated cybercriminals have become at moving data around, this whole thing isn’t just boring — it’s downright absurd.

Opening traffic just by port, without checking what app is actually running there or whether something shady’s happening, is about 99% useless. And if you’re opening stuff like port 22 or 445 with zero filters… well, just open everything, save time — security-wise it makes no difference.

What does change? Oh right — it looks good for that mountain of useless regulations that exist solely to shift blame instead of improving security posture. In fact, they make it worse: while the “blue” team is drowning in this bureaucratic crap, the “red” team is out there — free, fast, and having a blast.