The CheckPoints we have at work are to support 3rd parties and acquisitions.  We would never fucking actively use this bullshit.  NO fucking way.  Everything is color-coded and iconic, so I guess for enterprise donkeys who don’t know jack shit about security, maybe this is a plus.  But let’s be totally honest here:  It’s definitely not helping humanity progress.

MY PACKETS ARE GREEN, THAT MUST MEAN THEY ARE OK!

I am a Mac user, so to configure the CheckPoint firewalls we have at work I have to use Remote Desktop Connection into a Windows terminal server we have SPECIFICALLY for managing these firewalls.  So I TS into this machine, fire up the GUI-only Dashboard client, and then have to struggle thru managing firewall policies thru an archaic interface that literally has not changed in the twelve years since I first used it.

You’d think that would make me a pro, but no.  It just fucking pisses me off.  I can’t automate the shit, I can’t even dump the configuration files in a plain-text format.  No, that would be too motherfucking convenient.  No, no, no.  They’re stored in a proprietary binary format.  The absolute worst part is that everything has to be hand-entered line-by-line.  Click OK.  Are you sure?  Are you sure you’re sure?  YES DAMMIT JUST ADD THE FUCKING POLICY!

OH MY GOD I THINK I JUST MURDERED SOMEONE.

So if you’ve ever bought a CheckPoint firewall.  FUCK YOU.

If you make the CheckPoint firewalls.  FUCK YOU TOO.

FUCK FUCK FUCK FUCK FUCK

Gonna go smash my skull against the wall until the pain stops…

It’s simple:

netscreen(M)-> set admin user nocadmin password abc123 privilege read-only

% ssh nocadmin@netscreen
nocadmin@netscreen's password:
For Authorized Use Only, Violators Will Be Prosecuted.
netscreen(M)->

netscreen(M)-> ?
exit                 exit command console
get                  get system information
mtrace               multicast traceroute from source to destination
ping                 ping other host
trace-route          trace route
netscreen(M)->