(And Other Tales of Internet Hubris)

I wanna have a quick chat about everyone’s favorite pastime—ignoring security best practices. If you haven’t considered propping open every single port in your network, here's a snippet from a real conversation (paraphrased, because who's got verbatim memory):

Why can't we just leave ALL the ports open? It's not like hackers are gonna know which one we're using, right?

You might be thinking, there are 65,535 ports—how could they possibly guess the one that matters?! By the time they find the right port, we’ll have already finished our overpriced latte and typed a new Wi-Fi password from scratch. (I see no flaws in this plan. Zero.)

Another Brilliant Idea—Switch SSH to… Anywhere Else

Another awesome move—let’s shift SSH off of port 22 because, apparently, that’s like painting a giant neon sign that says, “key me!” for every script kiddie lurking on the internet.

Don't worry though, we have a cunning solution—just put SSH on port 1337. Because only “leet” hackers use that number, and obviously that excludes the script kiddies. Another job well done.

If something breaks (inevitably), it’s probably not your fault. When in doubt, pass the buck.

Hey, intern—why’s this broken again?!

Interns are basically the universal scapegoat for all IT woes. They’re also an endless source of free labor… wait, I mean wonderful learning opportunities.

Last Rites Final Thoughts (Before Something Really Goes Down)

Unrelated, but the blame game works so well when you're in a pinch. Got a connection error after shifting ports around? Must be the new guy’s fault. Losing sleep due to repeated SSH brute-force attempts? Pretty sure the interns were messing with firewall rules again.

But in all seriousness, security by obscurity (like hiding ports) isn't good security practice—it’s just a band-aid (not even really that). For actual safety:

Use strong credentials (not “password123”)—or better yet don't use SSH if you don't have to, and use passwordless set up.

Configure firewalls and intrusion detection properly.

Ensure everything’s patched and up-to-date.

Be good to your interns (that was probably you at some point).

Until next time, remember: if your clever port scheme goes awry, you can always blame it on the interns… or, you know, reconsider real security best practices.

That's it for now.

As always,

Good luck,

Stay safe and,

Be well.

See ya!

P.S. This was a test of long form posting (because I didn't know what it was)—adapted from a post on put on LinkedIn today.