are standards for every network, but they don’t solve all problems. While they
do a great job protecting a network of computers, they do very little for each
individual server. This is where a helpful, yet rarely used, Windows 2000 Server
feature can help you. TCP/IP filtering lets you configure special IP filters
that determine the type of network traffic that reaches your computer.
specify which TCP or UDP ports and IP protocols are or aren’t allowed into your
server. While this is no substitute for a real firewall, it will make your
network a little more secure.
these steps to configure IP filters:
the Network And Dial-Up Connections folder, right-click the network interface
that you want to configure IP filters, and click Properties.
Advanced, click the Options tab, then select TCP/IP Filtering in the Optional
Settings list, and click Properties.
the Enable TCP/IP Filtering check box.
each filter type (TCP, UDP, IP), you can permit all and deny only specified, or
deny everything except the specified. (For instance, if you want to allow only
TCP Port 80 to your computer, click Permit Only for all three filter types and
then click Add for TCP Ports and specify port 80.)
you’re finished, click OK to close the dialog box.
properly plan for TCP/IP filtering. Disabling everything except ports you
explicitly define is secure because you know exactly what’s open, making your
network more secure than it would be if you had all ports open. However, when configuring IP
filters, you must be very familiar with your network or some applications might
Miss a column?
Check out the Windows 2000 Server archive, and catch up on the most recent editions of Jim Boyce’s column.
Want more Win2K tips and tricks? Automatically sign up for our free Windows 2000 Server newsletter, delivered each Tuesday!