Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-16452

Failed login attempts should log source IP address

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • 2.6.5
    • 3.0.1, 3.1.0
    • Logging, Security
    • Fully Compatible
    • Security [00-02-20-15]

    Description

      MongoDB does not log failed login attempts.

      For installations which need to be open to the public internet (for example because you have mobile clients), this makes it basically impossible to implement some sort of brute force prevention, like fail2ban. Fail2Ban scans log files for failed login attempts and uses various mechanisms like iptables or libwrap (not applicable to mongodb) to locks ipadresses out after a certain amount of failed login attempts.

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. SERVER-16453 MongoDB server should obey /etc/hosts.deny and /etc/hosts.allow on GNU/Linux and UNIX systems

          • Major - P3 - Major loss of function.
          • Backlog
          related to

          Bug - A problem which impairs or prevents the functions of the product. SERVER-22054 Authentication failure reports incorrect IP address

          • Major - P3 - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. SERVER-27595 Client IP address not shown

          • Major - P3 - Major loss of function.
          • Closed

          Activity

            People

              spencer.jackson@mongodb.com Spencer Jackson
              markus.mahlberg@icloud.com Markus Mahlberg
              Votes:
              0 Vote for this issue
              Watchers:
              12 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: