Opening up system (gaim and direct connect)

jrdioko · 07-17-2004, 07:18 PM

As mentioned in a previous thread, I followed the directions at http://www.oldskoolphreak.com/tfiles/hack/slack_sec.txt to basically deny all external connections. Now I see that I'm going to have to slowly open up my system to allow some normal things to function. I haven't noticed anything major yet, but I do see that I can't use gaim to send files or use the "Direct Connection" option with the AIM protocol. What do I need to do to allow this, and what potential risks does it allowing it involve?

ppuru · 07-17-2004, 11:05 PM

can you post your iptable rules..

The simplest iptable rules will be to allow everything out and only the return traffic inside.

e.g.
iptables -A INPUT -i <external interface> -j ACCEPT -m state --state RELATED,ESTABLISHED

jrdioko · 07-17-2004, 11:13 PM

My iptables are set up exactly as that site recommended (excluding the ssh bit). That is:

Code:

#!/bin/bash

# rc.firewall for
# Basic Slackware Security

# These two rules set the default policies, i.e. what to do if a
# packet doesn't match any other rule, to drop any packet coming
# into (INPUT) or routing through (FORWARD) the box.
iptables -P INPUT DROP
iptables -P FORWARD DROP

# These rules are added (-A) to the INPUT chain.  They allow packets
# from any previously established connections and accept anything
# from the loopback interface.
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -i lo -j ACCEPT

I really don't know much at this point about security/ports/firewall/iptables, especially as related to Linux. However, it sounds like a good idea to start with everything denied and slowly open things up as I need them. My question is, after following the advice given by the site above, how can I now allow AIM direct connections, and will doing that open up anything else that I don't want to be open?