What is interesting is that the rsync daemon is not something typically enabled by default, you have to go in and manually turn it on, and if you don't alter the configuration to add users and passwords, it simply won't allow login at all.
So someone has gone out of their way to set up insecure rsync daemons.
I wonder if all of these open rsync daemons is due to a poorly configured appliances like a NAS or some other "turn-key" vendor supplied kit. But even then it is a strange thing to enable insecurely...
Interesting. I knew it needed to be turned on but didn't realize that you needed to add users. So Rsync doesn't just use the default login info, the way SSH does?
So someone has gone out of their way to set up insecure rsync daemons.
I wonder if all of these open rsync daemons is due to a poorly configured appliances like a NAS or some other "turn-key" vendor supplied kit. But even then it is a strange thing to enable insecurely...