Also, it should be possible to use IPsec, and require all
communication between the backup server and the client to be in ESP.
This should ensure that only packets in ESP, and hence authenticated,
are presented to the IP stack, making the IP-based ACL reliable.

A wrinkle is that amanda uses hard-to-predict ports, but the same
option that constrains those for firewalling should help for this.  Of
course, if you have a restricted SPD, then you also have to ensure
that amanda drops packets not from the expected port range, and since
this wasn't written as a security feature I wouldn't count on that.


-- 
        Greg Troxel <[EMAIL PROTECTED]>
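
An added sketch, not part of the original message: a simplified Python model of the inbound SPD check discussed above, showing why an SPD restricted to the backup port range leaves the IP-based ACL dependent on the application's own port filtering. The addresses, the port range, the function names and the default-bypass behaviour for unmatched traffic are assumptions made for the illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ANY_PORT = range(0, 65536)
SERVER = "192.0.2.10"               # constructed backup-server address
BACKUP_PORTS = range(50000, 50101)  # constructed constrained port range

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    esp_authenticated: bool  # True only if it arrived through a valid ESP SA

@dataclass(frozen=True)
class Policy:
    src_net: str
    sports: range            # source ports the selector covers
    action: str              # "require_esp" or "bypass"

def spd_accepts(spd, pkt, default="bypass"):
    """First matching policy wins; unmatched traffic gets the default (assumed bypass)."""
    action = default
    for pol in spd:
        if ip_address(pkt.src) in ip_network(pol.src_net) and pkt.sport in pol.sports:
            action = pol.action
            break
    return pkt.esp_authenticated if action == "require_esp" else True

def acl_trusts(spd, pkt, app_port_filter=False):
    """True if the packet survives the SPD (and the optional application port
    check) and the IP-based ACL then sees the server's address."""
    if not spd_accepts(spd, pkt):
        return False
    if app_port_filter and pkt.sport not in BACKUP_PORTS:
        return False
    return pkt.src == SERVER

HOST_WIDE = [Policy(SERVER + "/32", ANY_PORT, "require_esp")]
RESTRICTED = [Policy(SERVER + "/32", BACKUP_PORTS, "require_esp")]

genuine = Packet(SERVER, 50010, True)
clear_in_range = Packet(SERVER, 50010, False)      # cleartext, claims server address
clear_out_of_range = Packet(SERVER, 40000, False)  # cleartext, outside the selector

if __name__ == "__main__":
    for name, spd in (("host-wide", HOST_WIDE), ("restricted", RESTRICTED)):
        for pkt in (genuine, clear_in_range, clear_out_of_range):
            print(name, pkt, "trusted by ACL:", acl_trusts(spd, pkt))
```

With the host-wide policy only the ESP-authenticated packet is trusted; with the restricted policy the out-of-range cleartext packet is trusted unless the application port check is enabled.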
