I have the following setup consisting of 2 severs running Linux kernel 2.6.24-23 server of which in one I run the the database server on a local IP(192.168.1...) and the other system with a public IP running the JBoss server. My data server is behind a firewall and the JBoss server has the ssh port open with access restricted only from fixed IPs and I require the ssh port for remote maintenance of the web server. My question is that in the event of my JBoss server being hacked and the hacker somehow acquire the root privilege is there any way for me to protect my data server running postgresql 8.3? My JBoss server has a JNDI data source under a security domain. Is there a way available for me to prevent the hacker from using this JNDI name to establish connection with my database? My xml configuration for the data source has in it the password encrypted. -- RGL