[j-nsp] SSG
Sidney Boumendil
sidney.boumendil at gmail.com
Mon Sep 1 05:24:53 EDT 2008
On 9/1/08, SunnyDay <cscosunny at gmail.com> wrote:
> Hello
>
> Is there anyway to log failed login attempts to SSG firewalls?
Failled login should appear in the event log:
2008-09-01 10:46:56 warning Admin user "netscreen" login attempt for
Web(http) management (port 80) from x.x.x.x:62851 failed.
2008-09-01 10:46:56 warning Admin user netscreen has been rejected
via the TACACS server at x.x.x.x.
2008-09-01 10:46:54 warning ADM: Local admin authentication failed
for login name netscreen: invalid password
In case of multiple login failure a critical event is raised:
2008-09-01 11:01:20 crit Multiple login failures occurred for user a
from IP address x.x.x.x:62913
These messages can be sent to NSM and a syslog server. Critical events
can also raise a snmp trap.
Sidney
More information about the juniper-nsp
mailing list