Package: atop
Version: 2.7.1-1
Severity: important
X-Debbugs-Cc: [email protected]
$ sudo ss -lnp | awk '$5 ~ /\[::\]|0\.0\.0\.0:|\*:/ { print $0; }' | grep atop
??? UNCONN 0 0 0.0.0.0:255
0.0.0.0:* users:(("atop",pid=2185,fd=3))
$
That should not be a default. Please make it listen on "localhost" ([::1]
+ 127.0.0.1) only by default, or even disable this by default.
I belive this is a regression in last few months, as I didn't see atop
listening in the past.
Also I have no idea why atop listens on this port. It is not documented
in atop --help, or manpage.
-- System Information:
Debian Release: bookworm/sid
APT prefers testing-debug
APT policy: (500, 'testing-debug'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.18.5 (SMP w/32 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages atop depends on:
ii init-system-helpers 1.63
ii libc6 2.33-7
ii libncursesw6 6.3+20220423-2
ii libtinfo6 6.3+20220423-2
ii lsb-base 11.2
ii zlib1g 1:1.2.11.dfsg-4
Versions of packages atop recommends:
ii cron [cron-daemon] 3.0pl1-144
atop suggests no packages.
-- no debconf information
