Hi all,
Looks like security has been talked about to death, but I can’t find anything related to securing rsync.
CONCERN: I received the following warning from my ISP:
-
XX.XX.XX.XXX :
-
Open rsync : A publicly accessible rsync server can lead to exposure of sensitive data.
- Module: Public;SmartWare;TimeMachineBackup;“PROCEEDS TO LIST ALL OF THE SHARES ON MY DRIVE”
-
Open rsync : A publicly accessible rsync server can lead to exposure of sensitive data.
Security Advisory Event 9406
Concerned because they were actually able to see ALL of my shares.
GOALS: Resolve this security problem while still being able to:
1. access my files remotely
2. Perform a remote backup to an offsite mycloud.
Has anyone used FortressSecure? Would that solve this problem?
Other Details: Current setup already has:
- all shares ‘Public Access’ set to off, individual users setup as needed.
- HTTPS, Remote Backup and SSH port forwarding setup (both myclouds backup unique shares to each other, so both have this port forwarding setup)
- Remote server is turned on for the backups to work.
- Cloud access is turned on.
- AFP, NFS, SSH on