| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Tatsuo Ishii <ishii(at)postgresql(dot)org> |
| Cc: | Magnus Hagander <magnus(at)hagander(dot)net>, Peter Geoghegan <pg(at)heroku(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Incomplete startup packet errors |
| Date: | 2016-04-13 17:03:26 |
| Message-ID: | CA+Tgmoa17zZFtRXOdEb08u0RPFTvSwu4xAd_=wS4pvr-qNY4+Q@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Apr 13, 2016 at 10:30 AM, Tatsuo Ishii <ishii(at)postgresql(dot)org> wrote:
>>> I've also seen it caused by port scanning.
>>
>> Yes, definitely. Question there might be if that's actually a case when we
>> *want* that logging?
>
> Is it possible a user want the log because he/she wants to notice that
> the system is being attacked?
Yeah, but it doesn't seem very likely, because:
1. If the system is on the Internet, it's definitely being attacked, and
2. The attacks that connect to a port and then disconnect are not the
ones you should be most worried about, and
3. The right way to detect attacks is through OS-level monitoring or
firewall-level monitoring, and nothing we do in PG is going to come
close to the same value.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2016-04-13 17:10:02 | Re: SET ROLE and reserved roles |
| Previous Message | Robert Haas | 2016-04-13 16:48:24 | Re: Pglogical questions and problems |