Anyone can complain about firewall security. Maybe you can do something about it?
I'm fed up with reading long lists of what's wrong with people's security efforts. You know, those snidely written write-ups that have all of the maturity and objectivity found in a Britanny performance review.
Security Efforts aren't about red carpet reviews. Instead, it's about creating a multi-layered set of defences against skillful pickers-aparters. The knowledgebase changes frequently; and if you're looking for hard-and-fast rules that last decades, good luck.
So instead of picking apart failed designs and technologies with clear 20/20 hindsight, I invite you to give back. The Center for Internet Security (CISecurity.org) does a reasonable job recording and publishing security best practices for many technologies. Maybe you are the Prometheus of Apache Security knowledge. All that and
a bag of chips? Put some skin into the game. Pull up a chair. Get involved. Give back to the security profession you love so much.
I invite you to go out to the website and review what's there. Send an email to the folks.
Instead of attacking what ISN'T done, help point out what should
be done. And you know, if you've got Checkpoint skills and background, consider volunteering to help my group come up with sensible initial security configurations.
jt, Project Leader for the Checkpoint Benchmark