Incoming Rsync Connection Attempts

Home » CentOS » Incoming Rsync Connection Attempts
CentOS 4 Comments

Greetings –

In my logwatch report this morning I noticed reference to an attempt to connect to rsync from an external IP address. It doesn’t appear that the connection was successful based on correlating information between
/var/log/secure and /var/log/messages. But I am looking for some suggestions for implementing more preventative measures, if necessary.
The log information from the last few attempts are shown below.

/var/log/secure Oct 13 00:14:08 Bison xinetd[2232]: START: rsync pid306
from0.97.106.36
Oct 13 01:55:51 Bison xinetd[2232]: START: rsync pid343 from

4 thoughts on - Incoming Rsync Connection Attempts

  • Jeff Boyce писал 2015-10-14 21:13:

    You can block access to tcp/udp port 873 from external addresses. You probably don’t need rsync server either and can just disable it.

  • 2015-10-14 20:13 GMT+02:00 Jeff Boyce :

    Why do you have rsyncd enabled if you don’t have rsyncd.conf ? If your pusing backups using rsync over ssh, you don’t need rsynd.

    — Laurent.

  • block all ports except what you need at your firewall.

    suggestion, retire FTP, and use something like OwnCloud for customer file transfers, this is a dropbox style web based file service.