Securing Windows 2000 Communications with IP Security Filters, Part 1

by Joe Klemencic
Sept. 24, 2017 1 comment Symantec Apps & Hardening securing windows2000

With the release of Windows 2000, a new feature, IP Security, was added to allow for more granular control of IP-based traffic over the previous Windows NT4 packet filter option, TCP/IP Filtering. Originally, when the TCP/IP Filtering option was enabled, it was applied to all network adapters on the host system and could only affect the protocol used. For example, there was no provision to allow NetBIOS only from select hosts while allowing HTTP from any host. The main premise behind the TCP/IP Filters is to allow specialized server configurations to be generically secured for only their intended traffic. Since NetBIOS cannot easily be disabled on a Windows NT4 server, one would implement TCP/IP Filters on their IIS installation to allow only HTTP traffic to the server and block all other types of traffic. The original TCP/IP Filters implementation only inspected inbound traffic originating from outside the host to be inspected.

2flash 7 months, 1 week ago

Hehe, this is an interesting piece right here. Good old Windows 2k and its security :) It was a pleasure reading it!