RE: SUN Solaris UserFrom: Sean Boran (firstname.lastname@example.org)
- Previous message: Roland Crüsemann: "Switching audit files under Solaris 8 via cron"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Sean Boran" <email@example.com> To: "'Paul Julias'" <firstname.lastname@example.org>, <email@example.com> Subject: RE: SUN Solaris User Date: Sat, 10 Nov 2001 14:04:31 +0100 Message-ID: <firstname.lastname@example.org>
> I running a Sunscreen Firewall and have been requested to
> provide system
> access to our Networks Engineer who from time to time may want to
> troubleshoot comms including routing details. What is the
> best approach to
> creating such a user and what minimum level access should be provided.
I suggest you set up a sniffer on each side of the firewall and give him
access to that. You can used some cheap old sparc5s or so, and snoop
should keep him happy.
Make sure the sniffers are really welll hardened, and use access control
Otherwise, I would suggest a user account on the sunscreen, and use sudo
or rbac to allow him to access only snoop (don't give him root..).