dnswatchdog.io docs

Port 5432: PostgreSQL

Open PostgreSQL port detected on a publicly accessible host.

Severity: Critical | Port: 5432

What is PostgreSQL?

PostgreSQL is a powerful open-source relational database known for its reliability, feature set, and standards compliance. It is widely used in web applications, data analytics, and enterprise systems. PostgreSQL listens on port 5432 by default.

Why this is a problem

Like any database, PostgreSQL should never be directly accessible from the internet. An exposed port allows attackers to attempt authentication, brute-force passwords, or exploit vulnerabilities in the PostgreSQL server. Even with strong passwords, exposing the port increases your attack surface unnecessarily.

What you should do

  • Block port 5432 from the internet
  • Configure pg_hba.conf to only allow connections from trusted IP addresses or networks
  • Place the database on a private subnet
  • Use SSL/TLS for all database connections
  • If remote access is needed, use an SSH tunnel, VPN, or a managed database proxy
  • Disable the default postgres superuser for remote connections
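
One way to check the pg_hba.conf items above, as an added example that is not part of the original page: a small Python auditor that flags rules reachable from outside a trusted subnet, rules that do not require TLS, and rules that let the postgres superuser connect over the network. The sample file, the 10.0.1.0/24 trusted subnet and the finding names are constructed for illustration.

```python
import ipaddress

# Constructed sample pg_hba.conf for this example (not from a real server).
SAMPLE_HBA = """\
# TYPE  DATABASE  USER      ADDRESS         METHOD
local   all       postgres                  peer
host    all       all       0.0.0.0/0       scram-sha-256
hostssl appdb     appuser   10.0.1.0/24     scram-sha-256
hostssl all       postgres  10.0.1.5/32     scram-sha-256
host    appdb     appuser   10.0.1.0 255.255.255.0 md5
"""
TRUSTED = [ipaddress.ip_network("10.0.1.0/24")]  # assumption: your private subnet


def parse_rules(text):
    """Yield (lineno, type, user, address, method) for each TCP/IP rule."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        f = raw.split("#", 1)[0].split()
        if len(f) < 5 or not f[0].startswith("host"):
            continue  # blank, comment, include directive, or local socket rule
        addr, method = f[3], f[4]
        if "/" not in addr and len(f) >= 6:
            try:  # "ADDRESS NETMASK" form: two separate fields
                ipaddress.ip_address(f[4])
                addr, method = f"{f[3]}/{f[4]}", f[5]
            except ValueError:
                pass
        try:
            addr = ipaddress.ip_network(addr, strict=False)
        except ValueError:
            pass  # keyword (all, samenet) or hostname: stays a string
        yield lineno, f[0], f[2], addr, method


def audit(text, trusted=TRUSTED):
    """Return (lineno, finding) pairs; rules are judged one by one, not in first-match order."""
    findings = []
    for lineno, typ, user, addr, method in parse_rules(text):
        if method == "reject":
            continue  # reject rules deny access, nothing to flag
        in_trusted = not isinstance(addr, str) and any(
            addr.version == t.version and addr.subnet_of(t) for t in trusted)
        if not in_trusted:
            findings.append((lineno, "untrusted-source"))
        if typ in ("host", "hostnossl"):
            findings.append((lineno, "tls-not-required"))
        if user == "all" or "postgres" in user.split(","):
            findings.append((lineno, "remote-superuser"))
    return findings
```

To audit a real server, pass the contents of the file reported by `SHOW hba_file;` to `audit()` with your own trusted networks. Quoted fields and included files are not handled by this parser.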
