LIMIT IP TRAFFIC WITH IP FILTERING

Firewalls should be the first line of defense in any network connected to the Internet. In general, the best solution is a hardware-based or dedicated firewall at the gateway that protects the entire network. The second-best solution is a local firewall, such as ZoneAlarm or Tiny Firewall.

But even with a gateway firewall in place, you might want to limit the traffic coming into your computer. For example, you may be concerned about locally generated traffic as well as Internet traffic. Blocking that local traffic is as easy as setting up filters on your computer.

Windows 2000 offers the capability to specify the ports on which Windows will allow traffic to your computer. For example, you might limit the traffic to port 80 (HTTP), port 110 (POP3), and port 25 (SMTP) and exclude all others.

To configure filters on your computer, follow these steps:

1. In Control Panel, open the Network And Dial-Up Connections folder, right-click the network interface, and choose Properties.

2. Click TCP/IP, choose Properties, and click Advanced.

3. On the Options tab, select TCP/IP Filter, and click Properties.

4. In the TCP/IP Filtering dialog box, select Enable TCP/IP Filtering.

5. In the TCP Ports, UDP Ports, and IP Protocols sections, add the ports that you want to allow, and click OK.

6. Close all dialog boxes.