I think it was the recent set of rsyncd vulnerabilities that motivated a bunch of attackers to have fun with public rsync servers…
Any reason why you’re doing full on mirroring instead of the transparent caching we recommend in Image server infrastructure ?