Yes, I use IPSec IP Filtering on my web server. I block all incoming ports except port 80. Get to IP Security Filtering by going to your Local area connection properties, Internet Protocol, click on the properties button, then click on the advanced button on the IP screen. Then click on the options tab and highlight TCPIP Filtering and click on the properties button. Check the box to enable IP Filtering and only allow the ports incoming that you want people to access. Regards, Jim Kenzig http://thethin.net -----Original Message----- From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Rob Combis Sent: Monday, December 16, 2002 11:10 AM To: windows2000@xxxxxxxxxxxxx Subject: [windows2000] Re: IPSec Ray- Take a look at this document. http://www.systemexperts.com/tutors/HardenW2K101.pdf You will be using the IPSEC console but not really using IPSEC, more = like a filter. But it works. I used it on my DNS server before we got = a PIX. Oh yeah I highly recommend a hardware firewall. Way better then = ISA server, which I used before. Rob -----Original Message----- From: Ray at home [mailto:listray@xxxxxxxxxx] Sent: Saturday, December 14, 2002 5:49 PM To: windows2000@xxxxxxxxxxxxx Subject: [windows2000] IPSec Hi list, I have a server out at a Web host that I access via Terminal Services. I could also have it so that I could map drives to it and everything else if I really wanted to. With this server sitting out there running TS just waiting for anyone in the world to connect to it and try to guess my password, I am of course, a little uncomfortable with that. I was thinking about buying ISA server, but that may be overkill. But then I thought that I could use IP security policies to block on non-port 80 traffic from everywhere but my computer at home. Is the IPSec reliable? Secure? Do I even understand what IP Sec is? I know that some people will say "get Zone Alarm" or something like that. I don't want to run third party apps... It's either some built-in solution or ISA Server. Thanks a lot, Ray at home ================================== To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm