Saturday, February 22, 2014

Rsync and "No password? nah, it'll be fine"

You all know rsync, he is our trusty fellow that is always there to help you transfer your stuff and help you forget how scp and rcp treated you badly in the past. He is fast, he is free and he is really nice... maybe too nice.

As it turns out, our good ol' mate is far too nice sometimes and will let passing strangers move your stuff around as well... allow me to elaborate:

1. What is rsync?

Rsync is a small tool developed back in 1996 that allows the user to copy files from one place to another really fast (it's obviously much more complex than that, but let's keep it simple for now). This tool can be used for many things, but the most common uses are:
  1. Copy files and folders locally or to an external location (substituting the cp and scp tools respectively)
  2. Automated backups (both local and to remote locations)
  3. Mirrors: same idea as backups, since rsync only copies modified files, you can mirror changes in your web directory by rsyncing with your destination.

2. Sounds awesome, what does this have to do with the post title?

Here comes the tricky part: for connecting to remote hosts you can set up an rsync service (rsyncd) and connect to your remote machine via something like:
rsync rsync://<Domain>/
The problem is that many such sites have no password protection at all and are accessible to anyone with a console.

A quick search on ShodanHQ shows only a few hundred of the thousands of hosts out there that broadcast their shares publicly, most of them with no password protection.
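The settings that decide whether a module is open to strangers live in rsyncd.conf, so a quick way to check your own daemon is to read that file and flag modules with no auth users, a writable share without a password, or no hosts allow. The following audit is an added example, not code from the original post; the rsyncd.conf it reads is a constructed sample with one wide-open module and one restricted one.

```python
import re
# Added example (not the post's code).  Constructed rsyncd.conf: [www] is set up the
# way many exposed daemons are, [backup] is restricted to known users and networks.
SAMPLE_RSYNCD_CONF = """\
use chroot = yes
[www]
    path = /var/www
    read only = no
[backup]
    path = /srv/backup
    auth users = backupuser
    secrets file = /etc/rsyncd.secrets
    hosts allow = 10.0.0.0/8
"""

def parse_rsyncd_conf(text):
    """Return {module: settings}; modules inherit defaults set in the global section."""
    global_opts, modules, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # whole-line comments only, as rsyncd does
            continue
        m = re.match(r"\[(.+)\]$", line)
        if m:
            current = m.group(1).strip()
            modules[current] = dict(global_opts)
            continue
        key, _, value = line.partition("=")
        (modules[current] if current else global_opts)[key.strip().lower()] = value.strip()
    return modules

def audit(modules):
    """Return {module: [findings]} for modules that strangers could reach or write to."""
    findings = {}
    for name, opts in modules.items():
        issues = []
        anonymous = not opts.get("auth users")
        if anonymous:
            issues.append("no 'auth users': anyone who can reach the port can connect")
        if anonymous and opts.get("read only", "yes").lower() in ("no", "false", "0"):
            issues.append("writable without a password")   # rsyncd defaults to read only
        if not opts.get("hosts allow"):
            issues.append("no 'hosts allow': not limited to known source addresses")
        if issues:
            findings[name] = issues
    return findings

if __name__ == "__main__":
    for module, issues in audit(parse_rsyncd_conf(SAMPLE_RSYNCD_CONF)).items():
        print(f"[{module}]: " + "; ".join(issues))
```

Point it at your real /etc/rsyncd.conf and any module that comes back in the findings is one the post is warning about.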

3. Oh noes! What to do?

Simple: Use rsync over SSH.

Rsync offers the option of running over SSH, a protocol that offers lots of possibilities for encryption (please use SSH v2.0 and, if you can, public keys). The usage kinda goes like this:
rsync -avz -e ssh user@host:/remoteDir /localDir/
Here is a quick explanation of the code above

So, that's it! I hope you've learned something today, remember to secure your shares!

More info:
