Michael AM Felt

    The Danger of SUID, and using FLRTVC to Identify Vulnerabilities

    Earlier this week, IBM Security released a notification about “an unspecified vulnerability that would allow a locally authenticated user to obtain root.” Reading deeper, it seems the programs listed (bellmail, caccelstat, iostat, lquerypv, restbyinode, and vmstat) all use “suid” to root, and are executable by anyone.

    Posted: February 08, 2018

    Revealing the Obvious in OpenSSL

    I’ve always felt that I understood the process of using OpenSSL for self-signed certificates and signing my own certificates—almost. Many times I have used a search engine to read up on “build your own ca server” and I have never felt “this is it!” I did the same again today and, generally speaking, the results were the same: Create a self-signed certificate and use this to sign certificates.

    Posted: January 02, 2018

    Why I Stay Away From Using gcc (on AIX)

    In the title I mention I stay away from gcc. There’s nothing wrong with gcc itself, but rather the maintenance of the run-time libraries.

    Posted: October 03, 2017

    SUDO-RBAC Phase 1

    Last May I wrote about integrating SUDO and AIX RBAC. After months of no time I had a long weekend and can now say that “Phase 1” is complete. Phase 1 now needs testing—and ideally, feedback.

    Posted: September 27, 2017

    Sweet32 Birthday! Your First Thoughts?

    My first thought was of when I was Sweet16 and had never been kissed (yeah, a bit late to that aspect of life). But I knew Sweet32 was going to be something different as I first saw the term in an AUSCERT notice.

    Posted: September 11, 2017

    Security Isn’t Just Technology

    I just received an email, which has since been reported to our abuse team. This email reminds me that a pillar to security is making sure users know the telling signs of phishing, such as an email asking you to go to a special site (URL) because of new government regulations regarding password complexity.

    Posted: September 04, 2017

    What OpenSSH Are You Using?

    Michael A.M. Felt discusses OpenSSH. 

    Posted: August 17, 2017

    RBAC and SUDO on AIX

    I have a confession to make: Whenever I thought about SUDO I always thought in terms of SUDO versus RBAC, rather than RBAC and SUDO.

    Posted: May 05, 2017

    Getting Back to RBAC

    Five years ago I was writing a lot more about RBAC—and I had a theme to "test" RBAC. I called the theme "Never look back" and I installed a few sandbox systems and ran a few "crazy" commands to see where things broke.

    Posted: April 11, 2017

    AIX and NTP

    By default AIX uses NTPv3. This probably works fine for an internal-only situation (I hope), but for a server that also talks with the "outside," I recall that NTP shows up fairly frequently in CVE messages.

    Posted: February 16, 2017

    Displaying results 1-10 (of 44)