What is it?
Rsync (remote synchronization) has been used for over two decades to move and mirror file systems between computers on a network; it is often used for maintaining a backup because it only transfers differences between the two systems; it’s very efficient. The Wikipedia entry for rsync linked below provides an excellent overview of the utility and how to use it.
Why is it a risk?
Although rsync can be run from the command line, it is most often used in ‘deamon’ mode (rsyncd). When the rsync port (873) is exposed to the Internet, it creates an attack risk.
How can you mitigate the risk?
If you do not need to synchronize files across the Internet, then you can close port 873 to all Internet traffic.
If you do need to use the Internet to synchronize files, then the best approach is to use Secure Shell (SSH) to securely tunnel the rsync communication rather than exposing rsync directly. The freeCodeCamp article, The Ultimate Guide to SSH, provides instructions on how to set up SSH.
If you absolutely must expose rsync to the Internet, then there are configuration settings that can secure rsync. The UpGuard article, ‘How to Secure Rsync’ provides a useful starting point.
Resources:
Wikipedia: rsync
https://en.wikipedia.org/wiki/Rsync
The Ultimate Guide to SSH
https://www.freecodecamp.org/news/the-ultimate-guide-to-ssh-setting-up-ssh-keys/
How to Secure Rsync
https://www.upguard.com/blog/secure-rsync
