
When auditing a machine for one of my clients I noticed that they have PostgreSQL listening and accessible from the public network. This is not necessary for their application; it seems they simply neglected to set up the firewall properly.

PostgreSQL seems to be running the default pg_hba.conf file from the distribution package, and it does not accept connections without valid credentials.

I still feel that it is wrong to unnecessarily expose the database to the outside world. What arguments are there for/against such an approach?

  • Simply put, do not expose services on the Internet unless you have to. And if you have to, whitelist the IP addresses that really need to connect. The current setup may be harmless right now but a vulnerability may be found one day, that would bypass the need for credentials. At the very least this is information disclosure. Good defense is about minimizing the possible attack surface.
    – Kate
    Commented Jun 16, 2020 at 22:24
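The question relies on the distribution's default pg_hba.conf, and the comment above recommends whitelisting only the addresses that need access. The script below is an added example (not code from the asker or the commenter) that parses a pg_hba.conf and flags the rules that would let anyone on the Internet attempt a login: an address of `all`, `0.0.0.0/0` or `::/0`, a globally routable range, or an authentication method that never verifies a secret (`trust`) or sends it in cleartext (`password`). The sample file embedded in it is constructed for the example; the first three rules mirror typical package defaults, the next three are the kind of entries an audit should catch.

```python
"""Audit a pg_hba.conf for rules that let anyone on the Internet attempt a login."""
import ipaddress

# Constructed sample (not a real file): the first three rules mirror the usual
# distribution defaults, the next three are the kind of entries an audit must flag.
SAMPLE_PG_HBA = """\
# TYPE  DATABASE        USER            ADDRESS                 METHOD
local   all             postgres                                peer
host    all             all             127.0.0.1/32            scram-sha-256
host    all             all             ::1/128                 scram-sha-256
host    all             all             0.0.0.0/0               md5
host    all             all             0.0.0.0 0.0.0.0         trust
host    all             all             ::/0                    password
host    appdb           app             10.0.0.0/8              scram-sha-256
"""

# "trust" needs no credentials at all; "password" sends them in cleartext.
WEAK_METHODS = {"trust", "password"}

NETWORK_TYPES = (ipaddress.IPv4Network, ipaddress.IPv6Network)


def _is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False


def parse_pg_hba(text):
    """Return one dict per rule: line, type, db, user, network, method.

    network is an ip_network for host-style rules with an address, a keyword
    string ("all", "samenet", "samehost") or hostname otherwise, and None
    for "local" (Unix-socket) rules.
    """
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        f = line.split()
        if f[0] == "local" and len(f) >= 4:
            rules.append({"line": lineno, "type": f[0], "db": f[1], "user": f[2],
                          "network": None, "method": f[3]})
            continue
        if len(f) < 5:
            continue
        addr, rest = f[3], f[4:]
        # pg_hba.conf allows "ADDRESS NETMASK" as two fields instead of CIDR.
        if "/" not in addr and _is_ip(addr) and rest and _is_ip(rest[0]):
            addr, rest = f"{addr}/{rest[0]}", rest[1:]
        try:
            network = ipaddress.ip_network(addr, strict=False)
        except ValueError:
            network = addr    # keyword or hostname, left as a string
        if not rest:
            continue
        rules.append({"line": lineno, "type": f[0], "db": f[1], "user": f[2],
                      "network": network, "method": rest[0]})
    return rules


def audit(rules):
    """Flag rules reachable from any address or a routable range, and rules
    whose method never checks (or leaks) the password."""
    findings = []
    for r in rules:
        reasons = []
        net = r["network"]
        if net == "all" or (isinstance(net, NETWORK_TYPES) and net.prefixlen == 0):
            reasons.append("accepts connections from any address")
        elif isinstance(net, NETWORK_TYPES) and net.is_global:
            reasons.append(f"accepts connections from routable range {net}")
        if r["method"] in WEAK_METHODS:
            reasons.append(f"method '{r['method']}' does not require a verified secret")
        if reasons:
            findings.append({"line": r["line"], "rule": r, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in audit(parse_pg_hba(SAMPLE_PG_HBA)):
        print(f"line {finding['line']}: " + "; ".join(finding["reasons"]))
```

pg_hba.conf is only the second line of defence: it is consulted after a TCP connection has already been accepted, so a rule set that passes this audit still leaves the server answering port scans and login attempts. The firewall (or `listen_addresses` in postgresql.conf restricted to the interfaces that actually need it) is what keeps the service off the public network in the first place.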

1 Answer


I can see a couple of downsides:

  • Remote access

This is the most basic one. If the attacker gets the credentials for any user of the database, they will have remote access. Not as improbable as you think. Remember that config.php.bak, vars.php.old, and so on, that someone left over? Guess what happens when the attacker uses dirbuster and grabs those...

  • Bruteforce attacks

Your IP is scanned all the time (the so-called internet background noise), and bots will find your Postgres installation. They will try to bruteforce credentials all the time.

  • Unknown exploits

If at any time there's an exploit on Postgres that allows remote access (like this one), attackers can gain access to the database. Chaining it with any file write capability, the attackers can gain a shell.

  • Information disclosure

Depending on version and sub-version, the attackers can guess the distribution and kernel version your server is using. This can lead to more effective exploits.
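The brute-force point in the answer above is observable in the server log: an exposed PostgreSQL keeps logging `password authentication failed` and `no pg_hba.conf entry for host` as the background-noise scanners try it. The script below is an added example (not code from the answerer) that parses such lines and reports hosts that produced a burst of failures. It assumes `log_line_prefix = '%m [%p] %h '` so the remote host appears in each line's prefix; the log lines are constructed for the example and use documentation address ranges.

```python
"""Spot credential guessing against an exposed PostgreSQL from its server log."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (assumes log_line_prefix = '%m [%p] %h ' so the remote
# host sits in the prefix). 203.0.113.0/24 and 198.51.100.0/24 are documentation
# ranges, not real addresses.
SAMPLE_LOG = """\
2020-06-16 22:10:01.123 UTC [4021] 203.0.113.5 FATAL:  password authentication failed for user "postgres"
2020-06-16 22:10:02.410 UTC [4022] 203.0.113.5 FATAL:  password authentication failed for user "postgres"
2020-06-16 22:10:03.902 UTC [4023] 203.0.113.5 FATAL:  password authentication failed for user "admin"
2020-06-16 22:10:05.118 UTC [4024] 203.0.113.5 FATAL:  password authentication failed for user "root"
2020-06-16 22:10:06.770 UTC [4025] 203.0.113.5 FATAL:  password authentication failed for user "test"
2020-06-16 22:10:09.001 UTC [4026] 198.51.100.7 FATAL:  no pg_hba.conf entry for host "198.51.100.7", user "postgres", database "postgres", SSL off
2020-06-16 22:11:30.555 UTC [4027] 10.0.0.12 FATAL:  password authentication failed for user "app"
2020-06-16 22:11:31.100 UTC [4028] 10.0.0.12 LOG:  connection authorized: user=app database=appdb
"""

LINE_RE = re.compile(
    r'^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.\d+ \S+ \[\d+\] (?P<host>\S+) '
    r'(?P<level>[A-Z]+):\s+(?P<msg>.*)$'
)
AUTH_FAIL_RE = re.compile(r'password authentication failed for user "(?P<user>[^"]+)"')
NO_HBA_RE = re.compile(r'no pg_hba\.conf entry for host')


def parse_auth_failures(text):
    """Return (timestamp, host, user) for every rejected login in the log.

    user is None for connections refused by pg_hba.conf, where no password
    was ever checked; those still show that the host is probing the server.
    """
    events = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw)
        if not m or m.group("level") != "FATAL":
            continue
        msg = m.group("msg")
        fail = AUTH_FAIL_RE.search(msg)
        if fail:
            user = fail.group("user")
        elif NO_HBA_RE.search(msg):
            user = None
        else:
            continue
        ts = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S")
        events.append((ts, m.group("host"), user))
    return events


def find_bruteforce(events, threshold=5, window=timedelta(seconds=60)):
    """Return {host: {"attempts": n, "users": [...]}} for every host with at
    least `threshold` failures inside some span no longer than `window`."""
    by_host = defaultdict(list)
    for ts, host, user in events:
        by_host[host].append((ts, user))
    flagged = {}
    for host, items in by_host.items():
        items.sort()
        start = 0
        for end in range(len(items)):          # sliding window over sorted events
            while items[end][0] - items[start][0] > window:
                start += 1
            if end - start + 1 >= threshold:
                flagged[host] = {
                    "attempts": len(items),
                    "users": sorted({u for _, u in items if u}),
                }
                break
    return flagged


if __name__ == "__main__":
    hits = find_bruteforce(parse_auth_failures(SAMPLE_LOG))
    for host, info in hits.items():
        print(f"{host}: {info['attempts']} failures, users tried: {info['users']}")
```

The single failure from 10.0.0.12 followed by a successful `connection authorized` is an ordinary typo and stays below the threshold; the run of distinct usernames from one external host within a few seconds is the pattern worth alerting on, and it is exactly the traffic that disappears once the port is no longer reachable from the Internet.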
