12.9. Packet Filtering with Windows NT
Windows NT supports static packet filtering of IP traffic. Although the capabilities of this filtering are somewhat rudimentary, they can provide some additional security. Because NT uses static packet filters, it cannot maintain state. This means that NT's filters are unable to distinguish between legitimate acknowledgment traffic and possible attacks.
NOTE
See Chapter 5 for an in-depth discussion of static packet filtering versus dynamic packet filtering.
Windows NT does not allow you to specify the direction of traffic when applying your packet filters. All filtering is done on inbound SYN=1 traffic only. This means that if someone is able to compromise your system, NT's packet filters will be unable ...
Get Mastering™ Network Security, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
