On Wed, Apr 13, 2016 at 10:30 AM, Tatsuo Ishii <is...@postgresql.org> wrote: >>> I've also seen it caused by port scanning. >> >> Yes, definitely. Question there might be if that's actually a case when we >> *want* that logging? > > Is it possible a user want the log because he/she wants to notice that > the system is being attacked?
Yeah, but it doesn't seem very likely, because: 1. If the system is on the Internet, it's definitely being attacked, and 2. The attacks that connect to a port and then disconnect are not the ones you should be most worried about, and 3. The right way to detect attacks is through OS-level monitoring or firewall-level monitoring, and nothing we do in PG is going to come close to the same value. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers