|
HP OpenVMS Systemsask the wizard |
|
The Question is: I'm not exactly sure what version it is. Anyhow here's my question... Is there any way a user can hide from the admins that he/she is using the telnet's gateway? As in.. Im one of the admins here for a school network.. I know that if i type su 'username' /full and it should however show all the procs and terminals that user is using. But my question is.. when a user is going through a telnet gateway.. where would it show that? Also, if a user wanted to hide that he/she is using the telnet gateway, is that possible to do so.. and if so.. how? I would appreciate any answer you are able to give me. Thanks. P.S. I know im supposed to know all this information already but Im more familiar to the UNIX operating system before this job. So i do get confused =/ -- denise The Answer is : There is no documented nor non-privileged method of "hiding" processes (or users) from the standard commands and auditing mechanisms present in OpenVMS. (And if you have untrusted privileged users on the system, you have a serious security problem.) If you are in a situation where you have untrusted users accessing the local system, the Wizard would recommend reading the OpenVMS Guide to System Security manual, and would further recommend giving serious consideration of following the NCSC Class C2 security guidelines listed in the appendix of the manual. Information on the origin of each process is accessable via various means, including the f$getdvi(device,"TT_ACCPORNAM") lexical function, various SYS$REM* logical names, system auditing and accounting, and various SHOW commands. This information originates with the system the connection originates from, and is as trustworthy as the originating system. If you have untrusted systems or untrusted privileged users operating on the same LAN segment of the local network, you will want to seriously consider the installation and configuration of a firewall. In your apparent local environment, the Wizard would recommend enabling most of the security auditing and use-of-privilege capabilities of OpenVMS, as a minimum. Various software packages are available to monitor security compliance, and to report on attempted (or various sorts of actual) security violations. The Wizard is aware of sites that have created their own site-specific tools for this purpose, as well.
|