Summary
The purpose of this page is to demonstrate how to install PostgreSQL server in a very basic configuration on a Windows system.
Installation
Step 1: Download
Download the latest Windows PostgreSQL server version from here: https://www.enterprisedb.com/downloads/postgres-postgresql-downloads
Step 2: Run the Installer
Run the installer once the download completes.
Step 3: Chose the Software Installation Directory
This is the folder where the server software will be installed. The default path will work for most installations.
Step 4: Select the Desired Components
You will typically want most of these components. At a minimum, you need the PostgreSQL Server component.
Step 5: Configure the Database Storage Path
This is the folder where the server data will be stored (e.g. database storage). The default path will work for most installations.
Step 6: Configure the Superuser Password
Set a password for the default superuser called postgres. Keep this password for the SpecterInsight settings.json file later on.
Step 7: Configure the Listening Port
Set the local TCP port to listen on for connections. The default value will work for most installations.
Step 8: Configure Locality Option
Configure the locality option. The default value will work for most installations.
Step 9: Review Installation Options
Review the summary of installation options and make sure everything is configured to your liking before hitting the Next button.
Step 10: Start the Installation
Click the Next button to start the installation.
Step 11: Wait for the Installation to Finish
Wait for the installer to finish.
Step 12: Close the Installer
Uncheck the Stack Builder option.
Step 13: Navigate to Windows Firewall Settings in Control Panel
Open up the Control Panel and navigate to the Windows Defender Firewall -> Allowed apps. Click on the “Allow another app…” button.
Step 14: Add the Postgres Server Executable as an Exception
Navigate to “C:\Program Files\PostgreSQL\16\bin\” and select postgres.exe. Then click the “Add” button.
Step 15: Modify pg_hba.conf
This step configures the PostgreSQL Server to accept logins from any user and any database on any local network interface. This should only be done if the server is not publicly accessible.
# TYPE DATABASE USER CIDR-ADDRESS METHOD
host all all 0.0.0.0/0 scram-sha-256Step 16: Restart the Server
Open up a PowerShell prompt as administrator and run the command shown to the right.
Restart-Service -Name postgresql-x64-16And you’re done!
Conclusion
In this tutorial, you:
- Installed PostgreSQL Server for Windows
- Configured a Windows Defender Firewall exemption for the postgres.exe executable
- Modified the pg_hba.conf file to allow all users to authenticate on any interface
You can now continue the SpecterInsight installation and setup tutorial here: https://practicalsecurityanalytics.com/specterinsight/tutorials/installation/