12.9. Packet Filtering with Windows NT

Windows NT supports static packet filtering of IP traffic. Although the capabilities of this filtering are somewhat rudimentary, they can provide some additional security. Because NT uses static packet filters, it cannot maintain state. This means that NT's filters are unable to distinguish between legitimate acknowledgment traffic and possible attacks.

NOTE

See Chapter 5 for an in-depth discussion of static packet filtering versus dynamic packet filtering.

Windows NT does not allow you to specify the direction of traffic when applying your packet filters. All filtering is done on inbound SYN=1 traffic only. This means that if someone is able to compromise your system, NT's packet filters will be unable ...

Get Mastering™ Network Security, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.