idea against hacks - help to IDS of a new generation

Peter Stuge stuge-openssh-unix-dev at cdy.org
Fri Sep 30 07:29:27 EST 2005


On Thu, Sep 29, 2005 at 10:22:03PM +0200, Kaleta Stanley wrote:
> what about to add "optional action" as parameter of sshd
> (could be used for IDS' )
> in case of intrussion detection (anyway logged to syslog)

Both your suggestions have been seen before, and the answer is that
OpenSSH already exports the needed information through syslog, and
that's where you (and tools) should look in order to make any
decisions based on failed logins.


//Peter




More information about the openssh-unix-dev mailing list