top | item 38256643

(no title)

mjochim | 2 years ago

If you used docker run -p 5434:5432, this port is accessible from your network, not just your local machine. Couple that with an IPv6 uplink to your ISP (i.e. typically a gobally reachable IP address for your machine) and a disabled firewall in your home router, and that's one possible way how this could have happened. Of course, home router firewalls are not usually disabled. But it's a possibility.

discuss

Kkoala|2 years ago

Oh well, looks like this is the answer, there was an allow rule for Docker for all incoming traffic... Don't remember setting that one..., but definitely changed that to a "block" now.

Thanks!

agilob|2 years ago

What other software do you run in your network? I got affected by this too, nothing of value was lost so I'm going to create DB from 0. Logs point me to home-assistant trying to bruteforce the postgres database. I'm not running windows.