Tcp/Ip filtering has its uses but is not well understood. For instance as I
mentioned it does not work with ICMP, it blocks inbound only, and it is
stateful for TCP only - not UDP which trips up a lot of users because dns
uses UDP. As Roger said consider ipsec filtering. Ipsec became available in
Windows 2000. Ipsec filtering however should not be considered a full
feature firewall and it is NOT stateful but it is built into the operating
system, can filer ICMP, and can also manage outbound traffic. See the links
below if you are interested in ipsec filtering or ipsec in general. FYI the
main purpose of ipsec is to authenticated computers for network
communications via Security Association and secure traffic with ESP/AH which
can encrypt and insure the integrity on network traffic. --- Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;313190
http://www.securityfocus.com/infocus/1559
http://www.microsoft.com/windows2000/technologies/communications/ipsec/default.mspx