Check or Attack Name: TcpIp Security

TCP/IP security is not enabled. Windows NT 4.0 has the ability to restrict the ports that will accept packets, and restrict the protocol types TCP/IP will accept. These settings can be very useful in securing a web server, or other specialized hosts.

WARNING: Disable packet filtering, if you have installed Routing and RAS (RRAS). Filter rules applied in RRAS take precedence.

Enable Windows NT TCP/IP security to permit only the services and ports required.

1. Open the Network control panel. From the Windows NT Start menu, select Settings, Control Panel, Network.
2. From the Protocols tab, click TCP/IP and select Properties to display the Properties dialog box.
3. Click the Advanced tab.
4. Select the Enable Security check box and click Configure.
5. Set the ports and protocols to permit only the ports you need to run required services. See %SystemRoot%\system32\drivers\etc\SERVICES for a list of services and their associated port.
6. Click OK four times to save your changes.
7. Restart the computer for the changes to take effect.