AFAIK, incoming director connections only come from bconsole, monitors and clients that use "Client Initiated Backup" or "Client Behind NAT" (Connect To Director) in bacula-fd.conf.
So maybe you don't need to allow incoming connections from everywhere? __Martin >>>>> On Mon, 04 Dec 2023 17:22:29 +0000, MylesDearBusiness via Bacula-users >>>>> said: > > Hello, > > I just installed Bacula director on one of my cloud servers. > > I have set the firewall to allow traffic in/out of port 9101 to allow it > to be utilized to orchestrate remote backups as well. > > What I want to do is to identify the potential attack surface and create > a fail2ban jail configuration. > > Does anybody have an exemplar that I can work with? > > Also, is there a way to simulate a failed login attempt with a tool such > as netcat? I could possibly use PostMan and dig into the REST API spec, > but I was hoping the community would be able to shortcut this effort. > > What say you? > > Thanks, > > <Myles> > > > > > _______________________________________________ > Bacula-users mailing list > Bacula-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bacula-users > _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
