How secure is "hosts allow"? I have "hosts allow = bkup" in my rsyncd.conf. Then in /etc/hosts I have: 188.8.131.52 bkup This makes only 184.108.40.206 able to connect to rsync. Could someone spoof their hostname somehow to trick rsync into letting them in, though? e.g. If they reverse DNS says that they're called "bkup".