[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PostgreSQL Question

To: <members@xxxxxxxxxxxxxxxxxx>
Subject: Re: PostgreSQL Question
From: "Richard Zimmerman" <Richard@xxxxxxxxxxxx>
Date: Wed, 4 Apr 2001 18:05:58 -0500
Organization: K&B Transport, Inc.
References: <Pine.SUN.4.30.0104041438460.22651-100000@cobra.mlc.lib.mi.us> <5.0.0.25.0.20010404160440.02b96060@mail.zoner.org>
Reply-To: "Richard Zimmerman" <Richard@xxxxxxxxxxxx>

> You make a good case for packet filtering on that interface.  Given your
> concern about that interface being portscanned, I assume that machine is
> not behind a firewall.  So, create some defense in depth:
> Block external access to port 5432, as you did, using the postgresql
configs.
> Block external access to port 5432 with ip-chains or netfilter (depending
> on which kernel you're using).

   Actually, I've done exactly that...

  I have setup input & output rules on eth1 (external network card) to block
port 5432... I'd rather have the port "hidden" so it's never seen on an
outside scan to begin with....

   OK, so I'm being picky! <G>

   Good suggestions though!!!

   I've got an email drafted and I'll find the proper address to send it to
in the morning....

   Goose

References:
- Re: PostgreSQL Question
  - From: Mark Szidik
- Re: PostgreSQL Question
  - From: John Holland

Prev by Date: Re: PostgreSQL Question
Next by Date: Monthly Word From The Program Director
Prev by thread: Re: PostgreSQL Question
Next by thread: Re: PostgreSQL Question
Index(es):
- Date
- Thread