Package: mon
Version: 1.2.0-9
Severity: important

By default mon accepts connections from the world on port 2583, this exposes
information about the system to potentially hostile parties and is not what the
sysadmin would expect.  Most daemons are configured to listen on localhost by
default to prevent such problems with a comment in the configuration to show how
to change that.

I suggest something like the following in the default /etc/mon/mon.cf:

# comment this to listen on INADDR_ANY
serverbind = 127.0.0.1

# uncomment this to listen on a non-default port
#servport = 2583

# list of space separated regexs of clients to accept
clientallow = ^127\.0\.0\.1$

I believe that the above would decrease the amount of work spent by sysadmins to
correctly configure their systems and will lead to a more secure Internet in
general.
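As an added illustration (not part of the bug report or of the mon package), the script below audits a mon.cf-style file for the three settings discussed above: it treats an absent serverbind as a bind to all interfaces, an absent servport as 2583, and it checks that every clientallow regex is anchored and has its dots escaped. It assumes the global settings are plain "key = value" lines with "#" comments and that clientallow patterns are applied as unanchored regex searches against the client address; both are assumptions for the purpose of the example, as are the two sample configs, which are constructed here.

```python
import re

# Constructed sample: the shipped default as described in the report (no serverbind,
# no clientallow), so the daemon is reachable from anywhere.
WEAK_CF = """\
servport = 2583
"""

# Constructed sample: the hardened default suggested in the report.
HARDENED_CF = """\
# comment this to listen on INADDR_ANY
serverbind = 127.0.0.1

# uncomment this to listen on a non-default port
#servport = 2583

# list of space separated regexs of clients to accept
clientallow = ^127\\.0\\.0\\.1$
"""


def parse_cf(text):
    """Parse 'key = value' settings; '#' starts a comment (assumed mon.cf syntax)."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip()
    return settings


def client_allowed(clientallow, addr):
    """Assumed semantics: accept if any space-separated regex matches the address."""
    return any(re.search(rx, addr) for rx in clientallow.split())


def audit(text):
    """Return the effective bind/port plus a list of findings for a config text."""
    cfg = parse_cf(text)
    findings = []

    bind = cfg.get("serverbind", "0.0.0.0")  # absent => INADDR_ANY, per the report
    if bind == "0.0.0.0":
        findings.append("serverbind unset: daemon listens on all interfaces")

    port = int(cfg.get("servport", "2583"))  # absent => the default port 2583

    allow = cfg.get("clientallow")
    if allow is None:
        findings.append("clientallow unset: any client may connect")
    else:
        for rx in allow.split():
            # An unanchored regex also matches addresses that merely contain it.
            if not (rx.startswith("^") and rx.endswith("$")):
                findings.append(f"clientallow regex {rx!r} is unanchored")
            # An unescaped '.' matches any character, not only a literal dot.
            if re.search(r"(?<!\\)\.", rx):
                findings.append(f"clientallow regex {rx!r} has an unescaped '.'")

    return {"bind": bind, "port": port, "findings": findings}


if __name__ == "__main__":
    for name, text in (("weak", WEAK_CF), ("hardened", HARDENED_CF)):
        print(name, audit(text))
    # Shows why anchoring and escaping matter for the allow list.
    print(client_allowed("127.0.0.1", "10.127.0.0.12"))          # True (too loose)
    print(client_allowed(r"^127\.0\.0\.1$", "10.127.0.0.12"))    # False
```

Running it reports two findings for the weak config and none for the hardened one, and the last two lines show that the unescaped, unanchored pattern "127.0.0.1" accepts an unrelated address such as 10.127.0.0.12 while the suggested `^127\.0\.0\.1$` does not.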
