On Sun, Dec 30, 2001 at 05:32:28AM -0500, Philip Mak wrote:
How secure is hosts allow?
It's not.
I have hosts allow = bkup in my rsyncd.conf. Then in /etc/hosts I have:
64.29.16.235 bkup
This makes only 64.29.16.235 able to connect to rsync.
Could someone spoof their hostname
How secure is hosts allow?
I have hosts allow = bkup in my rsyncd.conf. Then in /etc/hosts I have:
64.29.16.235bkup
This makes only 64.29.16.235 able to connect to rsync.
Could someone spoof their hostname somehow to trick rsync into letting
them in, though? e.g. If they reverse DNS says