Jerry 🦙💝🦙A quick reminder that you really need to have your fortinet firewalls behind a firewall
https://thehackernews.com/2026/03/fortigate-devices-exploited-to-breach.html?m=1
Viss
John Timaeus
Johnley@jerry following up on the “firewall in front of your fortigate” that’s called local in policies and the authorized hosts list.
But dogshit fly by night MSPs have never heard of that or VPNs, so they just open up the management interface(s) to the internet, slap a “all to internet” firewall policy in there with no inspection and sell it to an unsuspecting accounting firm for hundreds of dollars a month, then call themselves an MSSP.
Pauliehedron âś… 
Ichinin 
✅🎯🙄@jerry Apparently Fortinet is built upon Linux so...apt-get install iptables ?
Samantaz Fox@jerry Maybe we should ask them to reconsider the industry they're working in. At this point, they should open a swiss cheese factory, they'd do great!
Baloo Uriza@SamantazFox Clownflare suddenly considers buying cows...
GlitchyXP
Carlos SolĂsAh yes, good ol' FortiVulnsPerWeek
Or as the Slavic sphere would call them, Forti-НЕТ
Paul_IPv6fortinet firewalls remind me of my grandmother.
she had slip covers to protect her upholstery, then vinyl covers to protect her slip covers...
she also had cork to protect the wood on her dining room table, custom covers to protect the cork, a table cloth over the covers, plastic to protect the table cloth.
i just get polyurethane finish on the wood table and call it done.
SysAdminInHell@jerry Isn't it like that with Chrome 0-days every other week?
Andrew Golding@jerry genuinely considered purchasing a used gateway appliance just to get a picture of it plugged into itself, but people still want significant sums of money for them.
Tim Lavoie@huronbikes @jerry Would a Fortigate 100D suffice? Mine (got as a free toy with a year's support) has been idle for a few years now.
Other than shipping, it's free.
Other than shipping, it's free.
@tim_lavoie @jerry If shipping to Chicago is less than my weekly dozen wings ($25) then yeah, I think I could spend that much towards a possible shitpost.
@huronbikes @jerry Sadly, don't think so (especially international).
Hopefully you can find a local doorstop though.
@tim_lavoie @jerry UPS ground says about 33 from Toronto to here (using Toronto as an example source, no idea where you are though I am guessing Canada based on the .ca?) to which I say "I've spent 33 ameros on dumber"
@huronbikes @jerry Less than I expected, to be honest!
I'm way out on the Canadian left coast, not sure how much that matters.
If you're serious, I'll look around for a suitable box, how to factory reset etc.
I'm way out on the Canadian left coast, not sure how much that matters.
If you're serious, I'll look around for a suitable box, how to factory reset etc.
kaaswe@jerry
This is not the first ….. tenth, eleventh major CVE or breach by Fortinet, still companies are buying and putting them as a perimeter Firewall.
I cannot understand how that risk assessment process looks like ???
If price is that important for you and not to secure, why do you even spend money in the first place and not just use a CentOS server with iptables.
Mind blowing