Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-27595

Client IP address not shown

    XMLWordPrintable

Details

    • Minor Change
    • ALL
    • Hide

      Try to login with an nonexistent user

      Show
      Try to login with an nonexistent user
    • Platforms 2017-06-19

    Description

      When an user tries to brute force access the mongo database it does not show the ip address of the incoming connection attempt.

      I only get the following two lines of log:

      2017-01-06T00:57:05.883+0000 I ACCESS [conn6110] Failed to authenticate rafa@admin with mechanism MONGODB-CR: AuthenticationFailed: UserNotFound: Could not find user rafa@admin
      2017-01-06T00:57:06.253+0000 I ACCESS [conn6110] authenticate db: admin

      { authenticate: 1.0, user: "rafa", nonce: "xxx", key: "xxx" }

      When the user exists but the password is wrong, I get the following line of log:

      2017-01-05T23:38:55.782+0000 I ACCESS [conn624] Failed to authenticate rafa@admin with mechanism MONGODB-CR: AuthenticationFailed: MONGODB-CR credentials missing in the user document

      I've found that this issue SERVER-16452was to resolve this problem.

      I've seen this problem with both versions that I marked.

      Attachments

        Issue Links

          Activity

            People

              sara.golemon@mongodb.com Sara Golemon
              brunohms Bruno Henrique Miranda dos Santos
              Votes:
              2 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: