hardening \ securing \ auditing a linux server account
OK, thank you all for reading my first linux thread. I am a network designer and openly admit to knowing next to nothing about servers and linux platforms etc. Any buzz words I may use here are other people's and I don't necessarily know what they mean!!
Background.
I have to design remote access for a 3rd party company to come into our network to support an application on a linux server. The secure VPN access part is not an issue to me; however, the server will be built within a pblade within a bladeframe environment.
Problem.
When the 3rd party securely access the server to do all their good stuff on it, how can I stop them from bouncing to other servers within the bladeframe or from penetrating the rest of the network? Can I "harden" down their account to say that they can only do "this - this and this", or can a user account be defined as granular as that?
The access the 3rd party require is as follows:
- Command line (e.g. Telnet or ssh to the server)
- File transfer (e.g. FTP, sftp)
- SQL*Net (Port 1521) GUI end user interface.
The BladeFrame isn't directly behind a firewall or in a DMZ environment and to do this would mean a serious amount of changes to the existing infrastructure.
As I have said the remote access part isn't a concern for me, it is how can I stop the 3rd party from misbehaving when they get in.
Is there any way I can audit what they do and keep a historical log?
I apologise if these are silly questions but I am thrown in at the deep end here and really don't know much about servers.
I believe that the version of linux is Red Hat Linux v5.2
Yes, I received a couple of answers. I had hoped that by posting it within the security area that it would have increased the viewing by security specific personnel. Couldn't see an easy way to move the original to the security forum. Consider myself told off.
I've requested the original in Newbie be moved here to Security. When that happens, I shall merge the two threads together, thereby allowing the discussion to take place in one centralized location. Networking, in cases such as this what you should do is use the Report button and kindly ask the moderator(s) to move it for you. Please don't hesitate to contact me via email if you have any questions/comments regarding this matter.
Actually, since there hasn't been any on-topic discussion here in this duplicate thread yet, I'm just gonna go ahead and close it. The discussion therefore remains in the original thread, which will hopefully be moved to Security soon.