mirror of https://github.com/fail2ban/fail2ban
Make changes and add test file
parent
8c40766511
commit
8ac28e5dcb
|
@ -1,5 +1,12 @@
|
|||
# Fail2Ban filter for unsuccesfull MongoDB authentication attempts
|
||||
#
|
||||
# Logfile /var/log/mongodb/mongodb.log
|
||||
#
|
||||
# add setting in /etc/mongodb.conf
|
||||
# logpath=/var/log/mongodb/mongodb.log
|
||||
#
|
||||
# and use of the authentication
|
||||
# auth = true
|
||||
#
|
||||
|
||||
[Init]
|
||||
|
|
|
@ -731,13 +731,7 @@ logpath = %(mysql_log)s
|
|||
backend = %(mysql_backend)s
|
||||
|
||||
|
||||
# Log wrong MongoDB auth
|
||||
# Logfile /var/log/mongodb/mongodb.log
|
||||
# add setting in /etc/mongodb.conf
|
||||
# logpath=/var/log/mongodb/mongodb.log
|
||||
#
|
||||
# and use of the authentication
|
||||
# auth = true
|
||||
# Log wrong MongoDB auth (for details how ... see filter ...)
|
||||
[mongodb-auth]
|
||||
port = 27017
|
||||
logpath = /var/log/mongodb/mongodb.log
|
||||
|
|
|
@ -0,0 +1,24 @@
|
|||
# failJSON: { "time": "2016-11-20T00:04:00", "match": true , "host": "192.168.1.35" }
|
||||
2016-11-20T00:04:00.110+0200 [conn1] Failed to authenticate root@admin with mechanism MONGODB-CR: AuthenticationFailed UserNotFound Could not find user root@admin
|
||||
2016-11-20T00:04:00.111+0200 [conn1] end connection 192.168.1.35:53276 (0 connections now open)
|
||||
|
||||
# failJSON: { "time": "2016-11-20T00:24:00", "match": true , "host": "220.95.238.171" }
|
||||
2016-11-20T00:24:00.110+0200 [conn5] Failed to authenticate root@admin with mechanism MONGODB-CR: AuthenticationFailed UserNotFound Could not find user root@admin
|
||||
2016-11-20T00:24:00.111+0200 [conn5] end connection 220.95.238.171:53276 (0 connections now open)
|
||||
|
||||
# failJSON: { "time": "2016-11-20T00:24:00", "match": true , "host": "220.95.238.176" }
|
||||
2016-11-20T00:24:00.110+0200 [conn334] Failed to authenticate root@admin with mechanism MONGODB-CR: AuthenticationFailed key mismatch
|
||||
2016-11-20T00:24:00.111+0200 [conn334] end connection 220.95.238.176:53276 (0 connections now open)
|
||||
|
||||
# failJSON: { "time": "2016-11-20T00:24:00", "match": true , "host": "167.96.268.1" }
|
||||
2016-11-20T00:24:00.110+0200 [conn56] Failed to authenticate root@admin with mechanism MONGODB-CR: AuthenticationFailed key mismatch
|
||||
2016-11-20T00:24:00.111+0200 [conn56] end connection 167.96.268.1:53276 (0 connections now open)
|
||||
|
||||
# failJSON: { "time": "2016-11-20T00:24:00", "match": false , "host": "127.0.0.1" }
|
||||
2016-11-10T12:54:02.370+0100 [initandlisten] connection accepted from 127.0.0.1:58774 #2261 (1 connection now open)
|
||||
2016-11-10T12:54:02.370+0100 [conn2261] end connection 127.0.0.1:58774 (0 connections now open)
|
||||
|
||||
# failJSON: { "time": "2016-11-10T13:07:49", "match": false , "host": "177.13.20.178" }
|
||||
2016-11-10T13:07:49.781+0100 [conn2271] authenticate db: admin { authenticate: 1, nonce: "xxx", user: "root", key: "xxx" }
|
||||
2016-11-10T13:07:49.834+0100 [conn2271] end connection 177.13.20.178:60268 (3 connections now open)
|
||||
|
Loading…
Reference in New Issue