Your message dated Sat, 17 Dec 2016 23:36:36 +0000
with message-id <[email protected]>
and subject line Bug#820712: fixed in mon 1.2.0-9+nmu1
has caused the Debian Bug report #820712,
regarding mon: By default mon listens on port 2583 with no access control
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
820712: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820712
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: mon
Version: 1.2.0-9
Severity: important
By default mon accepts connections from the world on port 2583, this exposes
information about the system to potentially hostile parties and is not what the
sysadmin would expect. Most daemons are configured to listen on localhost by
default
to prevent such problems with a comment in the configuration to show how to
change
that.
I suggest something like the following in the default /etc/mon/mon.cf:
# comment this to listen on INADDR_ANY
serverbind = 127.0.0.1
# uncomment this to listen on a non-default port
#servport = 2583
# list of space separated regexs of clients to accept
clientallow = ^127\.0\.0\.1$
I believe that the above would decrease the amount of work spent by sysadmins to
correctly configure their systems and will lead to a more secure Internet in
general.
--- End Message ---
--- Begin Message ---
Source: mon
Source-Version: 1.2.0-9+nmu1
We believe that the bug you reported is fixed in the latest version of
mon, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Russell Coker <[email protected]> (supplier of updated mon package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 12 Dec 2016 10:00:22 +1100
Source: mon
Binary: mon
Architecture: source amd64
Version: 1.2.0-9+nmu1
Distribution: unstable
Urgency: medium
Maintainer: Dario Minnucci <[email protected]>
Changed-By: Russell Coker <[email protected]>
Description:
mon - monitor hosts/services/whatever and alert about problems
Closes: 820712 821360 822606 824176 847437 847441 847444
Changes:
mon (1.2.0-9+nmu1) unstable; urgency=medium
.
* Non-maintainer upload.
* Make default config bind to 127.0.0.1 Closes: #820712
* Add restorecon and tmpfiles.d file Closes: #822606
* Don't specify config options on both the default command-line and the
default configuration file Closes: #821360
* Move local monitor scripts to /usr/lib/mon/mon-local.d to separate them
from network checks Closes: #847437
* Added remote.monitor to this package and made it strict. Closes: #847441
Fixed the problems with it Closes: #824176
* Added ps.monitor and made it strict. Also made it handle perl, python,
and lua5.1 interpreters correctly. Closes: #847444
* Conflicts with mon-contrib <= 1.0+dfsg-3 because of remote.monitor and
ps.monitor
* Added mailxmpp.alert, an alert that sends mail and XMPP messages
* Added linux-temp.monitor for local system temperature and loadavg.monitor
* Extended ping.monitor to support ipv6 and specifying the ping count
Checksums-Sha1:
8899ed9f8ce0bbd8946f27067e26687916f6be21 1828 mon_1.2.0-9+nmu1.dsc
b237fe8b66d86953ed8ab9f43aed89650db2dc04 25084 mon_1.2.0-9+nmu1.debian.tar.xz
60b0e92957829882de48236aa9feb3fbb6e7e856 13262
mon-dbgsym_1.2.0-9+nmu1_amd64.deb
31dbf6e9ff094f91e7622c40b0bf3c6d791fe88b 4799 mon_1.2.0-9+nmu1_amd64.buildinfo
40cc98f0b786cf54f50f9f2598f79297531fc2f9 277794 mon_1.2.0-9+nmu1_amd64.deb
Checksums-Sha256:
d99fb8f309f7f568aeba1ef21a901e63064257b1e82dfb7a3cf09f6ea61dfa64 1828
mon_1.2.0-9+nmu1.dsc
5cce09cfe71dc4a36e1a5b63a1a7334c8032b32a5fabfe25d1075fc42145b211 25084
mon_1.2.0-9+nmu1.debian.tar.xz
7625ddd831ee073e245982224a07ebbbe645d85fe1403618841a6deed92dc948 13262
mon-dbgsym_1.2.0-9+nmu1_amd64.deb
ab6ab55311a01da078601f66e21e748005c39a114c437b067e15901accfd79f0 4799
mon_1.2.0-9+nmu1_amd64.buildinfo
b06914d5c496a689d3c5cbdc7823d1660e212aa620d2751d8b95e437fc54a888 277794
mon_1.2.0-9+nmu1_amd64.deb
Files:
87be35cc133e028239864e8b9b7bf8fd 1828 admin extra mon_1.2.0-9+nmu1.dsc
ec2b5405133dbe51df8a1ca011e56126 25084 admin extra
mon_1.2.0-9+nmu1.debian.tar.xz
d8848d6d34d5bab17231a38e8b0b726e 13262 debug extra
mon-dbgsym_1.2.0-9+nmu1_amd64.deb
41222e04ad32002294561097e965e887 4799 admin extra
mon_1.2.0-9+nmu1_amd64.buildinfo
2f96f8aa12d6e5b9208f9517b082a880 277794 admin extra mon_1.2.0-9+nmu1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhN2qIACgkQ0UHNMPxL
j3nhwg/+P6TAkbsJsO9ErSMEWPX1oRr4oyIpA1TeJGbdsnSt8sPwXnrynspiRaho
riPnFcS2BEJWIinCCWEvIF0cbGlXSWL7dCDV7lDnqKzRA/3WST6ylnkdiokaTDAg
AocUH/s3nW6P46czsH7sCPPwMKFHvA5EMqZ5TJkfVsdukplSsqqTCdMNFEh/BgNp
sMt0/GGol1MESE3Ln6//Kx4yGE8zmul4uZNkqzw2jDHkwlH8QR8RKKQ9j99a2BxH
5Y1UVwherJzTF3Tej9KYwlgydxAV9JHusDH2JgYn+r9BqeO6D1kTKcawUgrz/0hc
ia+9zAA9yCzScfKsXI/h9DSoAQmI+ILfe3NQPHYujDfGiSx9TRPDiXnL230XBhjE
xxChaMTuPLoCtAqlr9ADZ/mz2zVBS95rsBYff+72O9h7hT+B1FzRkaPxEOSdEz5f
W5hiIAuse/br3Zy8eSwCidg7gR9lcmUXTePskyRSp8nVhlrcqEbmFJf3sSY2yNJL
XU11egk0jBz0foztEPuUJl+4Tg9g7C4Zx9Nk8HKUK2iaAp126m2dUiE++w4cg6pV
8xN6fTDJr9XwDYNfKMo9wnsBxBPYA37vCJhHDbbUaSxkSPL383eTBMRJT6lG4pfF
1axkOl6xTgIP0DpDHmIpkOosqPvELq34hmtK/UZVniFIPKvwkR0=
=m1JN
-----END PGP SIGNATURE-----
--- End Message ---
