idea against hacks - help to IDS of a new generation

[Peter Stuge]

On Thu, Sep 29, 2005 at 10:22:03PM +0200, Kaleta Stanley wrote:
> what about to add "optional action" as parameter of sshd
> (could be used for IDS' )
> in case of intrussion detection (anyway logged to syslog)

Both your suggestions have been seen before, and the answer is that
OpenSSH already exports the needed information through syslog, and
that's where you (and tools) should look in order to make any
decisions based on failed logins.


//Peter