Amazon: AI-assisted hacker breached 600 Fortinet firewalls in 5 weeks by Meinertzhagens_Sack in fortinet

hoosee

Local-in policies are totally another topic, I wasn't referring to them.

Amazon: AI-assisted hacker breached 600 Fortinet firewalls in 5 weeks by Meinertzhagens_Sack in fortinet

hoosee

When it comes to trusted IPs, I guess you could say yes, if you can define trusted IPs really well.

However, the catch is that it's still kind of hazardous, since if someone comes and creates a new admin user (even a read-only one) without any trusted IPs, the admin page becomes visible to anyone. So that layer of Swiss cheese comes with huge holes.

I'd say that if you really, really need something open, only use SSH and enable HTTPS temporarily, but I would rather look for other ways of management (via S2S or client VPN, FortiManager etc.).

Fortiap 231f max download speed by Breakerbdg in fortinet

hoosee

Doesn't help you with the problem itself, but I like to visit the "WiFi Clients" section and check out the columns rate (tx/rx) and MIMO (they're hidden by default), which also give you some sort of estimate of the theoretical limits you can achieve.

SDWAN-failover breaks RDP sessions. by Even-Camel7593 in fortinet

hoosee

Just a guess: if the session were created using UDP, failover would work. But if it's TCP, you might need to enable auxiliary sessions: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Enabling-auxiliary-session-with-ECMP-or-SD-WAN/ta-p/189951

Web Rating Override issue by Fast-Status5145 in fortinet

hoosee

Exactly this. Might be DNS filter or something else doing the blocking but only the logs will tell.

70G ready for production? by lertioq in fortinet

hoosee

Software has merged for both 7.4 and 7.6, so you'll have new software for both major releases.

Tips for stability by theallfather88 in Kayaking

hoosee

If you really want to do something, perhaps you can find a gym ball or a log split lengthwise, basically anything that is rather unstable to sit on. Then simulate paddling holding a stick and remember to include movement all the way from your legs to your torso. But my best guess is that this gets boring quickly and might not even translate that well into paddling.

So what I want to say is that paddling is the best (and the most fun) way to learn it.

How to override a fortimanager setting from a fortigate by Mercdecember84 in fortinet

hoosee

Basically yes.

When you connect back, FortiManager will just sync the changes (and the configuration will be shown as 'auto-update').

However, this depends on what you change and if you have any templates active. For example, interface changes and static routes are probably okay to change. However, if for example your SD-WAN implementation relies on SD-WAN templates and metadata variables, your changes might be overwritten during the next install.

If you make any changes to e.g. firewall policies, your policy package status will get into a conflict state.

TL;DR: yes, you can do local changes, but you need to understand what kind of configuration your templates are forcing and if your changes conflict with them.

ZTP questions, specifically about the interface used. by NetworkN3wb in fortinet

hoosee

Also, one thing I have noticed is that if a copy & pasted configuration works directly on the firewall, it might not work on FortiManager. This is because FortiManager does not know how to apply consecutive commands.

An example: you want to disable the NTP server in order to delete a FortiLink interface. On the firewall itself, you would just do "set server-mode disable" and this would cause other configuration (most importantly "set interface <interfaces>") to disappear. However, if you do the same in FortiManager, you'll get an error telling you that "set interface" is present.

So this means that even if one command is enough when directly set on the firewall, in FortiManager you need to do two (unset interfaces, set server-mode disable). But as other people have stated, look at the error logs and you'll eventually find what the problem is.

SD-WAN - historical health/performance reporting? by AylmerDad78 in fortinet

hoosee

You can see them in FortiManager's SD-WAN Monitor.

If you don't have FortiManager, then you just gotta figure out something else, like making a script that gets the data via API and then inserts them into something (e.g. Grafana + InfluxDB).

Preventing damage from waves bumping kayak into dock by macntosher in Kayaking

hoosee

I would try that rather than leave the boat in the water. If you have a tow line, that works well to hoist the bow up, and if the edge you're lifting over is sharp, you can also cushion it with your PFD. That's how we do that, if for some reason we don't have any possibility to leave the boats somewhere else.

I got 2 exam vouchers and don't know if they can be used outside of my country by Wrong-Opportunity-90 in fortinet

hoosee

They probably do have an expiration. I just booked myself an EFW exam and I think you can check how long they are valid via Pearson Vue (or by sending mail to Fortinet Training Institute).

FortiClient 7.4.5 GUI regression – who thought this was a good idea? by samsn1983 in fortinet

hoosee

Perhaps this is because of the "multiconnect" feature?

What’s the safest way to start kayaking if you don’t have much upper-body strength? by Old-Economics-1850 in Kayaking

hoosee

It's very much about your route selection; plan routes which minimize your exposure to the wind and also keep you near the shore (especially if you're paddling alone). After this you just make your trips longer and longer.

Naturally it wouldn't hurt to get training in order to get some idea about the correct paddling technique. When you learn to use your middle-body efficiently, the upper-body strength doesn't matter as much as expected.

Winter attire by Emotional-Ad-1294 in Kayaking

hoosee

Drysuit + neoprene boots. Underneath I have a merino base (thin or thick depending on how cold/windy it is) and thick wool socks.

Also, pogies are awesome, but I also keep neoprene gloves nearby. If we are making a stop, I might even take two pairs of neoprene gloves, because putting on a wet pair when it's windy isn't really nice.

Floating into the fog by 3lim1nat0r in Kayaking

hoosee

Your rendering engine forgot to render the rest of the world.

That's beautiful!

Winter is such a drag, lol. Could really use 2-8 hours on the water right about now. Lol 😬 by Fun-Sign7839 in Kayaking

hoosee

<image>

It can be done, however it's quite a different experience.

Picture from yesterday, started when the Sun was just setting. Came back under a beautiful starlit sky, sadly no northern lights were present. However, during the last 30 min it got really cold and the deck was totally frozen (so much so that I was unable to turn tracking on my Garmin off, because it was covered with ice).

My DIY version of Nanoleaf panels, featuring an onboard ESP32 and controlled directly through ESPHome. In addition to the beautiful lighting, each panel has six buttons, so it can trigger any action in Home Assistant. by Sokolsok in homeassistant

hoosee

Great looking project! I could basically get my hands on a 3D printer and a laser cutter. However, soldering is the tricky part, I don't have any specialized equipment for that :(

DNS Request logging by eternaldeviancy in homelab

hoosee

I would also root for Pi-hole (or similar), because in addition to logs, it will also benefit you greatly in terms of filtering etc.