Microsoft

Tech Tip: Limit Win2K IP traffic/Integrate Windows and UNIX systems

Find out how to limit IP traffic and integrate Windows and UNIX systems.

Windows 2000 Professional: Limit IP traffic with IP filtering

Firewalls should be the first line of defense in any network connected to the Internet. In general, the best solution is a hardware-based or dedicated firewall at the gateway that protects the entire network. The second-best solution is a local firewall, such as ZoneAlarm or Tiny Firewall.

But even with a gateway firewall in place, you might want to limit the traffic coming into your computer. For example, you may be concerned about locally generated traffic as well as Internet traffic. Blocking that local traffic is as easy as setting up filters on your computer.

Windows 2000 offers the capability to specify the ports on which Windows will allow traffic to your computer. For example, you might limit the traffic to port 80 (HTTP), port 110 (POP3), and port 25 (SMTP) and exclude all others.

To configure filters on your computer, follow these steps:

  1. In Control Panel, open the Network And Dial-Up Connections folder, right-click the network interface, and choose Properties.
  2. Click TCP/IP, choose Properties, and click Advanced.
  3. On the Options tab, select TCP/IP Filter, and click Properties.
  4. In the TCP/IP Filtering dialog box, select Enable TCP/IP Filtering.
  5. In the TCP Ports, UDP Ports, and IP Protocols sections, add the ports that you want to allow, and click OK.
  6. Close all dialog boxes.

Windows 2000 Server: Integrate Windows and UNIX systems with NFS

Windows Services for UNIX (SFU) is an add-on for Windows 2000 Server that provides several components to enable integration between Windows systems and UNIX/Linux systems. One SFU component is the Network File System (NFS), which provides the Client, Server, and Gateway components that support file sharing between Windows and UNIX-based systems.

The Client component enables Windows clients to access files shared on UNIX-based NFS servers. The Server component displays Windows-hosted shares as NFS file systems, making them available to NFS clients in both UNIX and Windows environments.

Installing and managing an NFS client on Windows workstations is one solution to providing access to NFS shares on a UNIX server, but a better option is to use the Gateway component of NFS for Windows 2000. The Gateway component enables a Windows 2000 server to act as a gateway for NFS shares on UNIX hosts.

To the client, it appears that the Windows server is hosting these shares. Because the Windows clients can access the Windows server without any additional client software, these clients don't require NFS client software to access NFS shares on remote UNIX hosts. Eliminating the need for NFS client software simplifies network and client management.

Editor's Picks

Free Newsletters, In your Inbox