On Wed, Apr 13, 2016 at 10:30 AM, Tatsuo Ishii <is...@postgresql.org> wrote:
>>> I've also seen it caused by port scanning.
>>
>> Yes, definitely. Question there might be if that's actually a case when we
>> *want* that logging?
>
> Is it possible a user want the log because he/she wants to notice that
> the system is being attacked?

Yeah, but it doesn't seem very likely, because:

1. If the system is on the Internet, it's definitely being attacked, and

2. The attacks that connect to a port and then disconnect are not the
ones you should be most worried about, and

3. The right way to detect attacks is through OS-level monitoring or
firewall-level monitoring, and nothing we do in PG is going to come
close to the same value.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to