Link to home
Create AccountLog in
Avatar of CodedK
CodedKFlag for Greece

asked on

Is it dangerous to give access...

Hi experts.
I'm currently paying a company for a dedicated server. The server wears centos with fairly good specs. For sometime now I am experiencing downtimes. Several times in a week for several hour.
When I complained to the company they asked me to setup an IPMI with a predefined password.

My question is... Since I have sensitive data inside this machine -
Could you please explain to me if this kind of access is dangerous and what kind of info this tech guy will see.
Thanks in advance.
ASKER CERTIFIED SOLUTION
Avatar of coredatarecovery
coredatarecovery
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Is it dangerous, possibly.
is it needed to solve your problem, yes if you are not a unix geek.

I agree with uescom, They more than likely don't care about your data and further more they won't be able to see data in databases without the un/pw of the particular database.

Files can be copied with this interface or access gained to root (as they will have to be a sudoer)
So, I would setup file access monitoring to another server with a secure link so it updates to another computer that they don't have access to, or send yourself an email message everytime that root or another sudoer accesses the particular directory of files with a script containing something like:
system("echo \"Body of the message\" | mail -s \"Subject line\" recipient1@address1 recipient2@address2");

this will alert you if they access the files in question and you can ask why they did that.

Stay vigilant,
Security is only as good as your thought process.
Chuck House.
Avatar of CodedK

ASKER

Thank you both for your fast and good answers.
I am totally helpless with this, I know only the very basics and I
cant follow your suggestions easily.
There is something very weird with this server and their tech support. They have a 99.9 uptime guaranty and the last 20 days the server was down 6 times for several hours each time and one time for 3 days.
They claim that its a software issue and I hear words like kernel panic, RAM full etc and i really want to laugh coz its something that hasnt changed for months.
So if you say (please confirm) that this kind of access is not secure and they could copy my files then I will deny their request and change server.




Avatar of CodedK

ASKER

Thank you.