topic Re: Remote Data access in Operating System - HP-UX

Remote Data access

javedk — Thu, 29 Mar 2007 05:15:17 GMT

Hi, We have a requirement to allow remote VPN access to one of our software vendors to access our data for trouble shooting purpose. The data is confidentail and the kind of acces requested is telnet and sqlplus. Is it possible to monitor all commands being run by them using telnet and sqlplus.

How are these kind of requests generally handled?

Re: Remote Data access

Steven E. Protter — Thu, 29 Mar 2007 05:56:59 GMT

Shalom,

Yes, especially for telnet. If the data is confidential, you might wish to use ssh instead of telnet. ssh does the same thing except that authentication and data connection is encrypted.

Make sure in telnet/ssh the HISTFILE option is set in the user environment.

The vendor can turn it off, but that command will be visible.

You can look at the archive logs to see all read/write transactions on the database and sqplus probably has a logging mode you can insist on using.

SEP

Re: Remote Data access

javedk — Thu, 29 Mar 2007 06:33:26 GMT

They can easily bypass HISTFILE and hence we canot depend fully on HISTFILE.

Sorry if I am asking something silly. Is there a way we can avoid a remote user from doing things like cat a file and capture it in their terminal emulator.

To be more precise is it possible for us to ensure that the remote user will not capture our information if they are just given an SSH and sqlplus.