Michael AM Felt

Michael AM Felt

Bookmark and Share

Recent Posts

  • Why I Stay Away From Using gcc (on AIX)
  • SUDO-RBAC Phase 1
  • Sweet32 Birthday! Your First Thoughts?
  • Security Isn’t Just Technology
  • What OpenSSH Are You Using?
  • Why I Stay Away From Using gcc (on AIX)

    In the title I mention I stay away from gcc. There’s nothing wrong with gcc itself, but rather the maintenance of the run-time libraries.

    Read More

    Posted: October 03, 2017 |

    SUDO-RBAC Phase 1

    Last May I wrote about integrating SUDO and AIX RBAC. After months of no time I had a long weekend and can now say that “Phase 1” is complete. Phase 1 now needs testing—and ideally, feedback.

    Read More

    Posted: September 27, 2017 |

    Sweet32 Birthday! Your First Thoughts?

    My first thought was of when I was Sweet16 and had never been kissed (yeah, a bit late to that aspect of life). But I knew Sweet32 was going to be something different as I first saw the term in an AUSCERT notice.

    Read More

    Posted: September 11, 2017 |

    Security Isn’t Just Technology

    I just received an email, which has since been reported to our abuse team. This email reminds me that a pillar to security is making sure users know the telling signs of phishing, such as an email asking you to go to a special site (URL) because of new government regulations regarding password complexity.

    Read More

    Posted: September 04, 2017 |

    What OpenSSH Are You Using?

    Michael A.M. Felt discusses OpenSSH. 

    Read More

    Posted: August 17, 2017 |

    RBAC and SUDO on AIX

    I have a confession to make: Whenever I thought about SUDO I always thought in terms of SUDO versus RBAC, rather than RBAC and SUDO.

    Read More

    Posted: May 05, 2017 |

    Getting Back to RBAC

    Five years ago I was writing a lot more about RBAC—and I had a theme to "test" RBAC. I called the theme "Never look back" and I installed a few sandbox systems and ran a few "crazy" commands to see where things broke.

    Read More

    Posted: April 11, 2017 |

    AIX and NTP

    By default AIX uses NTPv3. This probably works fine for an internal-only situation (I hope), but for a server that also talks with the "outside," I recall that NTP shows up fairly frequently in CVE messages.

    Read More

    Posted: February 16, 2017 |

    Hard to be Current with OSS

    As I mentioned in a tweet, ZLIB (aka libz) has been updated recently. I expect these sudden updates from version 1.2.8 to 1.2.10 were inspired by an audit performed at the request of MOSS/Secure Open Source.

    Read More

    Posted: January 26, 2017 |

    Using Internet Key Exchange Today

    Internet Key Exchange (IKE) has gone through a lot of changes in the last 20 years. The last major change was the introduction of IKEv2 and communication via port 8500 rather than ports 500 and/or 4500 for setting up what is known as Phase 1 Tunnels.

    Read More

    Posted: December 14, 2016 |

    Displaying results 1-10 (of 42)
     |<  < 1 - 2 - 3 - 4 - 5  >  >|