ICQ it's a risk inside a network. A way to avoid this risk and allow the chat, U can use a web-proxy in order to send the messages by a HTTP tunnel. ICQ can do this, and IMHO it's a bit more secure. To allow NTP, you just need to define the IP for Ur NTP server and allow UDP input/output to their 123 port against a non-privileged port in your server (over 1024) Chubasco -----Mensaje original----- De: Paul Elliott [mailto:pelliott@io.com] Enviado el: Wednesday, January 16, 2002 2:50 PM Para: suse-sec Asunto: [suse-security] Allow ICQ under SuSEfirewall2? I have a single system protected by SuSEfirewall2. I do not use personal firewall because I want to allow chrony to set the time, and for this I need access to offsite NTP servers. How do I allow use of ICQ? Thank you. -- Paul Elliott 1(512)837-1096 pelliott@io.com PMB 181, 11900 Metric Blvd Suite J http://www.io.com/~pelliott/pme/ Austin TX 78758-3117