Dear all, Juniper's syslog is arguably strange, by default.
Point in case, with "any warning": * If I try to log in with an existing user and bad password via ssh, a remote syslog message with username and source IP is logged * If I try to log in with a non-existing user and any via ssh, _no_ remote syslog message is generated. I get why you wouldn't want to log a fat-fingered password as username, but source IP, or at least the attempt, should be logged * Every time I log out, inetd feels the need to tell me the return code of my sshd process While we are obviously customizing this, I am sure that there are quite sophisticated syslog configurations out there which balance verbosity and security which have grown over the years. Long story short, I would appreciate a sharing of syslog configurations, potentially interleaved with a discussion about relative merits. Thanks, Richard _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
