Re: monitoring postgres
From | Lincoln Yeoh |
---|---|
Subject | Re: monitoring postgres |
Date | |
Msg-id | 5.1.0.14.1.20030130010425.0281dd90@mbox.jaring.my |
In reply to | monitoring postgres ("Matthew Nuzum" <cobalt@bearfruit.org>) |
List | pgsql-general |
I may be overparanoid but I suggest you configure your firewall to not allow postgresql and other services that your external users do not absolutely _need_ to access. And then write an app for those absolutely necessary ports to check the status of your postgresql servers.

Example: if external users MUST be able to browse your webserver, write a small web app that checks the Client IP and if it's the monitoring service (or your static IP), checks to see if your postgresql servers are running fine, and returns a page depending on whether they're all fine or not. If it's not the monitoring service's IP, return a different page without checking the servers at all (this is to prevent people from DoSing your db servers - doesn't stop them from DoSing your webserver but with a properly configured webserver and webapp most sites would run out of bandwidth first).

An issue to watch out for: you might wish to use HTTPS or HTTP on a different port instead of HTTP on port 80 because if there are transparent HTTP caching proxies between them and your site, you could get the proxy IPs and not the monitoring service's IP.

You could also write a simple custom network app that listens on a desired port and displays an appropriate banner depending on the situation; it's not too difficult but you might not want to do that - if you screw this app up you could be introducing another vulnerability.

I'm not saying that postgresql is necessarily insecure, but I believe that the developers typically have different priorities and perspectives. So it is better to only expose things that are designed to be exposed to a hostile environment. Of course I could be wrong, and the Postgresql developers could have designed and implemented Postgresql for hostile network environments. Even if that is the case, you should still configure your firewall to only allow the monitoring service access to your postgresql server.

Because if your monitoring service somehow makes 10000 concurrent connections to each postgresql server you have decent options. Whereas if unknown hosts do that I doubt your options are as good.

Hope this helps,

Link.

At 11:15 AM 1/29/03 -0500, Matthew Nuzum wrote:
>I subscribe to a server monitoring service that notifies me if any of my
>public servers stop responding to periodic queries.
>
>It has predefined functions for monitoring standard web facing services
>such as ftp, telnet, http, https etc. They also offer a custom function
>for other services, which is what I need to use to monitor my postgres
>servers.
>
>They do a challenge and response type query where they send a specific
>message on UDP or TCP port of my choosing and if they don't get the
>response that I specify then they send me a page.
>
>The problem is that I block traffic to my Postgres servers at the
>Postgres level using a list of acceptable hosts that can connect to the
>server. I don't want to add their hosts to my server's allow list.
>
>I'm not blocking them at the firewall, so they can see the server on
>that port, but can anyone suggest a text string and expected response
>that I can use to know that the server is OK?
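The "small web app" Lincoln describes above, written out as an added example (not code from either poster): a status endpoint that consults an allow-list of monitoring-service addresses, probes PostgreSQL only on their behalf, and hands everyone else a generic page without ever touching the database. The allow-listed networks, the listening port, the response strings and the psycopg2 connection string are all assumptions chosen for the example; the peer address from the TCP connection is used rather than any client-supplied header, because a client can set headers freely.

```python
"""Allow-listed PostgreSQL health endpoint (added example, not from the thread).

Only the monitoring service's source addresses are allowed to trigger a
database probe; any other client gets a generic page and no DB work is
done for it, which is the DoS point made in the post above.
"""
import ipaddress
from http.server import BaseHTTPRequestHandler, HTTPServer

# Assumption: the monitoring service's source addresses. These are
# constructed documentation-range placeholders, not real monitor IPs.
MONITOR_NETWORKS = [
    ipaddress.ip_network("192.0.2.10/32"),
    ipaddress.ip_network("198.51.100.0/24"),
]

# Assumption: strings the monitoring service is configured to expect.
RESPONSE_GENERIC = "OK\n"        # sent to everyone else, no DB contact
RESPONSE_DB_OK = "DB-OK\n"       # expected response for the monitor
RESPONSE_DB_FAIL = "DB-FAIL\n"   # anything else triggers their page


def is_monitor(client_ip: str) -> bool:
    """True only if the TCP peer address is inside the allow-list.

    Deliberately uses the socket peer address, not X-Forwarded-For, which
    any client can set. Unparseable input is treated as not allowed.
    """
    try:
        addr = ipaddress.ip_address(client_ip)
    except ValueError:
        return False
    return any(addr in net for net in MONITOR_NETWORKS)


def check_postgres(dsn: str) -> bool:
    """Probe one server with a short-timeout connection and 'SELECT 1'.

    Assumption: psycopg2 is installed and `dsn` points at a server where a
    low-privilege monitoring role exists. Any failure (driver missing,
    refused connection, timeout, bad credentials) reports the DB as down.
    """
    try:
        import psycopg2  # imported lazily so the rest of the module runs without it
    except ImportError:
        return False
    try:
        conn = psycopg2.connect(dsn, connect_timeout=3)
        try:
            with conn.cursor() as cur:
                cur.execute("SELECT 1")
                return cur.fetchone() == (1,)
        finally:
            conn.close()
    except Exception:
        return False


def status_response(client_ip: str, probe):
    """Decide (HTTP status, body) for a request from `client_ip`.

    `probe` is a zero-argument callable returning True when the database
    servers are fine. It is only ever called for an allow-listed client.
    """
    if not is_monitor(client_ip):
        # Unknown client: never touch the database, say nothing useful.
        return 200, RESPONSE_GENERIC
    if probe():
        return 200, RESPONSE_DB_OK
    return 503, RESPONSE_DB_FAIL


class StatusHandler(BaseHTTPRequestHandler):
    # Assumption: connection string for the monitoring role.
    dsn = "dbname=postgres user=monitor host=127.0.0.1"

    def do_GET(self):
        code, body = status_response(
            self.client_address[0],            # TCP peer address
            lambda: check_postgres(self.dsn),
        )
        payload = body.encode()
        self.send_response(code)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(payload)))
        self.end_headers()
        self.wfile.write(payload)

    def log_message(self, fmt, *args):
        # Keep the probe quiet; log elsewhere if you need an audit trail.
        pass


if __name__ == "__main__":
    # Listen on a non-80 port (or put this behind HTTPS), as the post
    # suggests, so transparent HTTP caches in the path don't replace the
    # monitor's source address with their own.
    HTTPServer(("0.0.0.0", 8081), StatusHandler).serve_forever()
```

Run it and point the monitoring service's custom check at port 8081 expecting the string `DB-OK`; a browser from any other address only ever sees `OK`. Note the firewall rule from the post still applies on top of this: the endpoint limits who can make the database do work, but the PostgreSQL port itself should not be reachable from the monitor or anyone else.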