On 11/29 08:52 , Les Stott wrote: > Why doesn't anyone like running rsyncd on a windows box standalone?
It's not encrypted. Neither for the transfer, nor for the authentication. Don't assume that your local network is safe. :) > 2. rsyncd can be set to only allow connections from a single host (i.e. > 192.168.1.1), so if your not on that network nothing can connect anyway. addresses can be spoofed. (Tho you're right, it does present a high hurdle to overcome). > 3. you can secure even further using an rsyncd.secrets file. AFAIK, the authentication is done in plain-text tho; so it's easy for an attacker to sniff the username & password off the wire. (switches provide a hurdle, but not an insuperable one). You're right; BackupPC rsyncd is a very nice package, and I use it extensively. However, I would really prefer some sort of strong authentication and encryption for my data. -- Carl Soderstrom Systems Administrator Real-Time Enterprises www.real-time.com ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/backuppc-users http://backuppc.sourceforge.net/
