Re: Postgres dying after many failed logins

Thank you for the feedback.

We originally had this setup as a test, and we were connecting to the db from outside. Once the test scenario became something more permanent we neglected to fix access rights. Currently all access should be from a docker GUI which is run on that AWS instance, so I agree it shouldn’t be available.

As you suggest, we’ve removed the postgres port from the AWS instance inbound rules and hoping this takes care of it . Thanks again – I’m new to AWS and postgres setup so am making mistakes, but learning.

From: Rui DeSousa <rui(at)crazybean(dot)net>
Date: Monday, November 8, 2021 at 12:33 PM
To: Lynn Carol Johnson <lcj34(at)cornell(dot)edu>
Cc: "pgsql-admin(at)lists(dot)postgresql(dot)org" <pgsql-admin(at)lists(dot)postgresql(dot)org>
Subject: Re: Postgres dying after many failed logins

On Nov 8, 2021, at 7:45 AM, Lynn Carol Johnson <lcj34(at)cornell(dot)edu<mailto:lcj34(at)cornell(dot)edu>> wrote:

2021-11-05 14:35:09.197 UTC [1451469] LOG: received smart shutdown request
2021-11-05 14:35:09.222 UTC [1451660] postgres(at)breedbase FATAL: terminating connection due to administrator command

That does not look like PostgreSQL crashed but is being shutdown by RDS services due to a DOS attack.

Two things;

1. A firewall should be blocking the incoming rouge traffic to protect the given server; otherwise the system is open to a DOS attack.
2. Why is PostgreSQL accessible on the internet? Normally DB servers are at least 3 deep from the internet and only internal trusted nodes should be connecting to the database.