I'm setting up Prometheus to monitor Ubuntu 24.04 servers and am considering using Node Exporter to collect system metrics.
I understand that Node Exporter exposes an HTTP endpoint (port 9100 by default), which can be accessed remotely.
I'm concerned about the security implications of leaving this port open, especially in a production environment.
While I assume most system metrics are not sensitive, could exposing these details present a security risk?
Are there any best practices for securing Node Exporter that I should consider?