Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


Closed Thread
  Search this Thread
Old 08-06-2009, 11:48 AM   #1
LQ Newbie
Registered: Aug 2009
Posts: 8

Rep: Reputation: 0
Unhappy hardening \ securing \ auditing a linux server account

OK, thank you all for reading my first linux thread. I am a network designer and openly admit to knowing next to nothing about servers and linux platforms etc. Any buzz words I may use here are other peoples and I dont necessarily know what they mean!!

I have to design remote access for a 3rd party company to come into our network to support an applciation on a linux server. The secure VPN access part is not an issue to me however, the server will be built within a pblade within a bladeframe environment.

when the 3rd party securely access the server to do all their good stuff on it, how can I stop them from bouncing to other servers within the bladeframe or from penetrating the rest of the network? Can I "harden" down their account to say that they can opnly do "this - this and this" or can a user account be defined as granular as that.
The access the 3rd require is as follows

- Command line (e.g. Telnet or ssh to the server)

- File transfer (e.g. FTP, sftp)

- SQL*Net (Port 1521)GUI end user interface.

The BladeFrame isnt directly behind a firewall or in a DMZ environment adn to do this would be mean a serious amount of changes to the existing infrastructure.

As I have said the remote access part isnt a concern for me, it is how can I stop the 3rd party from misbehaving when they get in.
Is there any way I can audit what they do and keep a historical logg.
I apologise if this is silly questions but I am thrown in at the deap end here and really dont know much about servers.
I believe that the version of linux is Red Hat Linux v5.2

Many thanks for your time and hopefully help!!
Old 08-06-2009, 12:37 PM   #2
LQ 5k Club
Registered: May 2003
Location: London, UK
Distribution: Fedora38
Posts: 6,147

Rep: Reputation: 435Reputation: 435Reputation: 435Reputation: 435Reputation: 435
This is a duplicate post of this one:
(Where you are receiving answers).

Please don't post the same Q to multiple forums.
Old 08-06-2009, 12:49 PM   #3
LQ Newbie
Registered: Aug 2009
Posts: 8

Original Poster
Rep: Reputation: 0
yes I received a couple of answers. I had hoped that by posting it within the security area that it would have increased the viewing by security specific personnel. Couldnt see an easy way to move the original to the security forum. Considering myself told off.
Old 08-06-2009, 02:10 PM   #4
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
I've requested the original in Newbie be moved here to Security. When that happens, I shall merge the two threads together, thereby allowing the discussion to take place in one centralized location. Networking, in cases such as this what you should do is use the Report button and kindly ask the moderators(s) to move it for you. Please don't hesitate to contact me via email if you have any questions/comments regarding this matter.

Last edited by win32sux; 08-06-2009 at 02:12 PM.
Old 08-06-2009, 02:20 PM   #5
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Actually, since there hasn't been any on-topic discussion here in this duplicate thread yet, I'm just gonna go ahead and close it. The discussion therefore remains in the original thread, which will hopefully be moved to Security soon.

Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
hardening \ securing \ auditing a linux server account Networking Linux - Security 15 09-22-2009 08:00 PM
Securing / Hardening RHEL4 for Web Hosting?? phpinfo Linux - Security 7 02-12-2009 09:08 AM
LXer: Securing and Hardening Linux Production Systems LXer Syndicated Linux News 0 01-21-2006 02:16 AM
Linux Server Auditing mshajan Linux - Software 1 05-05-2005 02:37 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:21 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration