On Monday 2018-03-05 12:32:50 Dimitri Maziuk wrote: > On 03/05/2018 12:00 PM, Josip Deanovic wrote: > > On Monday 2018-03-05 17:08:45 Shawn Rappaport wrote: > >> Thank you, Patti! You were correct. It turns out there was a > >> vulnerability scan run against that network at that time. > > > > Did you configure your bacula to use SSL/TLS connection? > > I wonder if that would help in your case. > > I'd expect to still see "invalid HELO" logged. Firewalling the port > would work if the scanner and bacula clients live in different subnets.
But the log says: UA Hello from client:10.32.12.18:9101 The same IP was mentioned several times in the logs Shawn provided. The question is: is the IP 10.32.12.18 the IP of the client that had to be backed up? If yes then the vulnerability scan overtook the client's IP. -- Josip Deanovic ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
