Is my postgreSql database hacked

[mrstennis]

When you download the official (paid) Pokertracker 3 on this site, is it standard that PostgreSQL creates a Superuser?

I have the feeling that I am getting hacked through my postgresql database. I see files from new postgres users appearing that I didnt make myself, and after removing the superuser option I get denied access to everything. What can I post here to verify if everything is okay?

And how can I get full control of my postgresql database again?

[kraada]

PostgreSQL creates a user whose only capacity is to use the database - it's an extra security measure.

The files PostgreSQL creates and removes files in the PostgreSQL directory are there because these files are your database. You do not need to worry about these files, this is normal PostgreSQL function.

[mrstennis]

PostgreSQL creates a user whose only capacity is to use the database - it's an extra security measure.

The files PostgreSQL creates and removes files in the PostgreSQL directory are there because these files are your database. You do not need to worry about these files, this is normal PostgreSQL function.

So that means that if someone is able to break through my firewall and knows my database name + password, he has full access to my PT database and can retreive my holecards that way and play accordingly right. Can't we restrict the postgres user that he can't send any data out?

[kraada]

In theory you are correct, but it is honestly not something I would ever worry about. You cannot restrict the postgres user from returning data to queries because otherwise PT3 would not be able to get any data from the database itself.

If you would like to go the route least likely to ever jeopardize your hole card data, the thing to do is to get a dedicated computer and only use it ever for playing poker. When you are not playing poker, disconnect it from the internet and turn it off. Then you will be as safe as possible.

[WhiteRider]

I thought the PostgreSQL defaults meant that connections from another computer / outside a router / whatever couldn't access databases?

[kraada]

Yes I presumed "breaking through the firewall" involved actually getting remote access to the computer in question, but the default PostgreSQL configuration does not allow for connections from machines not your own.

Though that also raises the following point: no matter how you have PostgreSQL configured, if someone has access to your machine, they have access to all of the data on it; they could install keyloggers, grab your PT database, do basically whatever they want. Grabbing your PT database should be the least of your concerns at that point.