Michael AM Felt

Michael AM Felt




Bookmark and Share
RSS

Recent Posts

  • Back to Basics: aixpert
    May 2, 2018
  • Determining Patching Responsibility
    March 22, 2018
  • AIX, Security and the Basics
    February 27, 2018
  • The Danger of SUID, and using FLRTVC to Identify Vulnerabilities
    February 8, 2018
  • Revealing the Obvious in OpenSSL
    January 2, 2018
  • What Good Are Intentions?

    Time just keeps slipping by. This feels like a New Years best-intention gone bad. Three times before I have started a SecuringAIX blog and three times I have not finished.

    So today must be different. I must finish this blog entry – anything will be better than nothing.

    Read More

    Posted: June 10, 2014 |

    What Does It Take for Security to Get Management Attention?

    What does it take to get management's attention, to get the higher ups to be serious about getting something done with securing systems?

    I really enjoy discussing and implementing systems security.

    Read More

    Posted: December 17, 2013 |

    Are You Being Naughty?

    I have an AIX server—on the Internet—and I have been naughty! Shame on me!

    My intent is that this server  is  “open” just enough so "random" activity looking for servers to breach does not take it down. I say "random" because I doubt my ISP would be happy if I were the target of directed or sustained attacks. So, I try not to be too inviting.

    Read More

    Posted: October 14, 2013 |

    Improve Your Password-Hashing Algorithms

    Today, I want to discuss how compatible AIX is with Linux’s old (SMD5) and new (SHA512) default algorithms. In short, AIX is very versatile in the password-hashing algorithms it supports, and a high degree of additional customization is possible.

    Read More

    Posted: September 23, 2013 |

    Exploring OpenLDAP for AIX

    Too much work and then vacations have delayed this post, leaving me feeling guilty when there’s really nothing to feel guilty about. I guess, somewhere inside me, there’s a desire to have some element of "BLING" whenever I write something for SecuringAIX. But there’s no need. I am not a professional writer or journalist, and blogs aren’t meant to always BLING.

    Read More

    Posted: July 22, 2013 |

    Implementing LDAP on AIX Offers a Few Surprises

    Read More

    Posted: June 3, 2013 |

    Good Grief—What Can Be Done About Identity Theft at the *NIX Level?

    What does the SecuringAIX blog, or any OS, have to do with concerns regarding identity theft, such as those incidents showing up in Dutch news? Recent events have me questioning myself: What impact does this have on security measures at an OS level?

    Read More

    Posted: April 8, 2013 |

    AIX Hardening 101

    Read More

    Posted: March 4, 2013 |

    Combining audit and syslog

    Read More

    Posted: February 4, 2013 |

    Are You Compliant, in Control, or Neither?

    Do you know the difference between being “in compliance" and "in control?” Which is more important? And, if you are neither "in compliance" nor "in control," which one should you focus on?


    Read More

    Posted: December 18, 2012 |

    Displaying results 31-40 (of 47)
     |<  <  1 - 2 - 3 - 4 - 5  >  >| 
    -->