BUG #14194: Why do these bases are open to public access?
The following bug has been logged on the website:
Bug reference: 14194
Logged by: Alex
Email address: yobas@bk.ru
PostgreSQL version: Unsupported/Unknown
Operating system: Windows 7 x64
Description:
I will begin immediately with the fact, if we look for an inquiry shodan.io
"database "template0" is not currently", then we have a list of 5960 hosts
an open database. Here are a couple of examples in pictures
https://yadi.sk/d/_7cK7CxNsWs6i
--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs
On Wed, Jun 15, 2016 at 3:25 PM, <yobas@bk.ru> wrote:
The following bug has been logged on the website:
Bug reference: 14194
Logged by: Alex
Email address: yobas@bk.ru
PostgreSQL version: Unsupported/Unknown
Operating system: Windows 7 x64
Description:I will begin immediately with the fact, if we look for an inquiry
shodan.io
"database "template0" is not currently", then we have a list of 5960 hosts
an open database. Here are a couple of examples in pictures
https://yadi.sk/d/_7cK7CxNsWs6i
Maybe something is getting lost in translation here, and sorry, but I'm not
going to click a random link for this...but "template0" is basically a
system database that should never be touched. The behavior you are seeing
is intended. This is not a bug nor, really, a good bug report. It usually
helps to actually ask a question and/or state what your expectation is.
David J.
On Thu, Jun 16, 2016 at 9:57 AM, David G. Johnston <
david.g.johnston@gmail.com> wrote:
On Wed, Jun 15, 2016 at 3:25 PM, <yobas@bk.ru> wrote:
The following bug has been logged on the website:
Bug reference: 14194
Logged by: Alex
Email address: yobas@bk.ru
PostgreSQL version: Unsupported/Unknown
Operating system: Windows 7 x64
Description:I will begin immediately with the fact, if we look for an inquiry
shodan.io
"database "template0" is not currently", then we have a list of 5960 hosts
an open database. Here are a couple of examples in pictures
https://yadi.sk/d/_7cK7CxNsWs6iMaybe something is getting lost in translation here, and sorry, but I'm
not going to click a random link for this...but "template0" is basically a
system database that should never be touched. The behavior you are seeing
is intended. This is not a bug nor, really, a good bug report. It usually
helps to actually ask a question and/or state what your expectation is.David J.
David - I agree with you. Taking a look at the shodan.io "Search Engine for
IoT" my guess is this was a surprise to have ~6K postgresql hosts exposed
on the internet. Of course, PostgreSQL by default does not allow remote
connections and it is up to the user to expose the port through their
firewall to the wide open internet.
On Thu, Jun 16, 2016 at 10:57 PM, David G. Johnston
<david.g.johnston@gmail.com> wrote:
This is not a bug nor, really, a good bug report.
This is not a bug report at all. Misconfiguration is not something
that can be qualified as such.
--
Michael
--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs