| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com> |
| Cc: | Rodrigo Sakai <rodrigo(dot)sakai(at)poli(dot)usp(dot)br>, pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: Change port number |
| Date: | 2006-02-13 01:13:44 |
| Message-ID: | 1834.1139793224@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
"Joshua D. Drake" <jd(at)commandprompt(dot)com> writes:
> Rodrigo Sakai wrote:
>> I have a question about changing the port number of Databases
>> server. It was told to me that is a good administrative practice to
>> change the port number of the services, like change the 5432 to 6985
>> or any other number. This is for security reasons. Is really a good
>> practice?
> Well, not really. Anyone who wants to get in, is just going to scan your
> ports to find out what is open anyway. What you really need to do
> is have a decent firewall in place and correctly configure postgresql
> from the beginning.
It's just "security by obscurity". Now there's nothing wrong with that,
as long as you realize that it's only one obstacle in the path of an
attacker, and not a very large one. Use it as one component of your
security plan, but not the only one.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Rodrigo Sakai | 2006-02-13 02:00:24 | Change port number |
| Previous Message | Joshua D. Drake | 2006-02-13 01:06:32 | Re: Change port number |