LinuxQuestions.org

Linux - Security: Opening up system (gaim and direct connect) (https://www.linuxquestions.org/questions/linux-security-4/opening-up-system-gaim-and-direct-connect-206403/)

jrdioko 07-17-2004 07:18 PM

Opening up system (gaim and direct connect)
 
As mentioned in a previous thread, I followed the directions at http://www.oldskoolphreak.com/tfiles/hack/slack_sec.txt to basically deny all external connections. Now I see that I'm going to have to slowly open up my system to allow some normal things to function. I haven't noticed anything major yet, but I do see that I can't use gaim to send files or use the "Direct Connection" option with the AIM protocol. What do I need to do to allow this, and what potential risks does allowing it involve?

ppuru 07-17-2004 11:05 PM

Can you post your iptables rules?

The simplest iptables rules will be to allow everything out and only the return traffic inside.


e.g.
iptables -A INPUT -i <external interface> -j ACCEPT -m state --state RELATED,ESTABLISHED

jrdioko 07-17-2004 11:13 PM

My iptables are set up exactly as that site recommended (excluding the ssh bit). That is:

Code:

#!/bin/bash

# rc.firewall for
# Basic Slackware Security

# These two rules set the default policies, i.e. what to do if a
# packet doesn't match any other rule, to drop any packet coming
# into (INPUT) or routing through (FORWARD) the box.
iptables -P INPUT DROP
iptables -P FORWARD DROP

# These rules are added (-A) to the INPUT chain.  They allow packets
# from any previously established connections and accept anything
# from the loopback interface.
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -i lo -j ACCEPT

I really don't know much at this point about security/ports/firewall/iptables, especially as related to Linux. However, it sounds like a good idea to start with everything denied and slowly open things up as I need them. My question is, after following the advice given by the site above, how can I now allow AIM direct connections, and will doing that open up anything else that I don't want to be open?
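Added example, not part of the thread or of the slack_sec.txt script: an rc.firewall in the same style as the one posted above, kept default-deny, with one extra rule that accepts new inbound TCP connections on a single port range on the external interface. That is the shape a rule for gaim's direct connections / file transfers takes, because the peer has to connect in to a port gaim is listening on. The interface name (eth0) and the port range (5190:5199) are placeholders, not gaim's documented ports; check gaim's network preferences for the port(s) it actually listens on and set EXT_IF, PORT_LO and PORT_HI accordingly. The script only prints the rules by default; run it as `apply` (as root) to load them.

```bash
#!/bin/bash
# Added example (not from the thread): a default-deny rc.firewall in the
# style of the posted script, extended with one rule that accepts NEW
# inbound TCP connections on a single port range, i.e. the range gaim is
# configured to listen on for AIM direct connections / file transfers.
# Interface name and port range below are assumptions (placeholders).
set -u

EXT_IF="${EXT_IF:-eth0}"          # assumption: external interface
PORT_LO="${PORT_LO:-5190}"        # assumption: start of gaim listen range
PORT_HI="${PORT_HI:-5199}"        # assumption: end of gaim listen range
IPTABLES="${IPTABLES:-iptables}"

# Return 0 if "$1:$2" is a sane TCP port range (1-65535, lo <= hi).
valid_port_range() {
    local p
    for p in "$1" "$2"; do
        case "$p" in ''|*[!0-9]*) return 1 ;; esac
    done
    [ "$1" -ge 1 ] && [ "$2" -le 65535 ] && [ "$1" -le "$2" ]
}

# Print the rule set for external interface $1, opening TCP $2:$3.
# Nothing is executed here; apply_rules below feeds this to a shell.
gen_rules() {
    local ext_if="$1" lo="$2" hi="$3"
    valid_port_range "$lo" "$hi" || { echo "bad port range $lo:$hi" >&2; return 1; }
    cat <<EOF
# Start from a clean INPUT chain so re-running the script does not
# stack duplicate rules.
$IPTABLES -F INPUT
# Default policies: drop anything not explicitly accepted below.
$IPTABLES -P INPUT DROP
$IPTABLES -P FORWARD DROP
# Loopback, and replies to connections this host initiated. Outbound
# stays unrestricted because OUTPUT keeps its default ACCEPT policy.
$IPTABLES -A INPUT -i lo -j ACCEPT
$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# The one new inbound path: a peer connecting to gaim's listen range.
# Anything else arriving on $ext_if still falls through to the DROP policy.
$IPTABLES -A INPUT -i $ext_if -p tcp --dport $lo:$hi -m state --state NEW -j ACCEPT
EOF
}

# Number of rules that accept NEW inbound connections. For this rule set
# it must be exactly 1; checking it catches accidental widening.
count_new_accepts() {
    gen_rules "$@" | grep -c -- '--state NEW -j ACCEPT'
}

# Load the generated rules (needs root), then list INPUT to verify.
apply_rules() {
    gen_rules "$@" | sh -e && "$IPTABLES" -L INPUT -n -v --line-numbers
}

case "${1:-show}" in
    show)  gen_rules "$EXT_IF" "$PORT_LO" "$PORT_HI" ;;
    apply) apply_rules "$EXT_IF" "$PORT_LO" "$PORT_HI" ;;
    *)     echo "usage: $0 [show|apply]" >&2; exit 2 ;;
esac
```

After `apply`, `iptables -L INPUT -n -v --line-numbers` should show exactly one rule with `state NEW` in it, restricted to the chosen interface, protocol and port range; that is the full extent of what this opens, since every other unsolicited packet still hits the INPUT DROP policy.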

