RUGGEDCOM ROS
User Guide
Chapter 4
System Administration
Security Alarms for Login Authentication
111
Message Name
Alarm
SNMP Trap
Syslog
Weak Password Configured
Yes
Yes
Yes
Default Keys In Use
ROS generates this alarm and logs a message in the syslog when default keys are in use. For more information
about default keys, refer to
Section 1.8, “Certificate and Key Requirements”
.
NOTE
For Non-Controlled (NC) versions of ROS, this alarm is only generated when default SSL keys are in
use.
Message Name
Alarm
SNMP Trap
Syslog
Default Keys In Use
Yes
Yes
Yes
Login and Logout Information
ROS generates this alarm and logs a message in the syslog when a successful and unsuccessful login attempt
occurs. A message is also logged in the syslog when a user with a certain privilege level is logged out from the
device.
Login attempts are logged regardless of how the user accesses the device (i.e. SSH, Web, Console, Telnet or
RSH). However, when a user logs out, a message is only logged when the user is accessing the device through
SSH, Telnet or Console.
Message Name
Alarm
SNMP Trap
Syslog
Successful Login
Yes
Yes
Yes
Failed Login
Yes
Yes
Yes
User Logout
No
No
Yes
Excessive Failed Login Attempts
ROS generates this alarm and logs a message in the syslog after 10 failed login attempts by a user occur within
a span of five minutes. Furthermore, the service the user attempted to access will be blocked for one hour to
prevent further attempts.
Message Name
Alarm
SNMP Trap
Syslog
Excessive Failed Login Attempts
Yes
Yes
Yes
RADIUS Server Unreachable
ROS generates this alarm and logs a message in the syslog when the primary RADIUS server is unreachable.
Message Name
Alarm
SNMP Trap
Syslog
Primary RADIUS Server
Unreachable
Yes
Yes
Yes
Server Unreachable
ROS generates this alarm and logs a message in the syslog when the primary server is unreachable.
Message Name
Alarm
SNMP Trap
Syslog
Primary TACACS Server
Unreachable
Yes
Yes
Yes