Windows 2000 Server comes with basic firewalling functionality (as does Window 2k3). I started playing around with IP Filtering.... Open the Control Panel. From the Network Connections applet, open the connection you want to configure. Click the Properties button. Select Internet Protocol (TCP/IP). Click the Properties button. Click the Advanced button. Click the Options tab. Select TCP/IP filtering. Click the Properties button. Check the box beside Enable TCP/IP Filtering. Select Permit Only for TCP Ports, UDP Ports, and/or IP Protocols. Click the Add button. Enter the port or protocol number and click OK. Repeat the last couple of steps until you've entered all desired ports and protocols. After you are done, close all the dialog screens by clicking either OK or Close. You will be prompted to reboot for the changes to take effect. The problem I find here is that it can lock down all ports EXCEPT what I list... but I can't specify other exceptions. Guess a third party tool is what is needed here. Just seemed a waste to spend money on a full firewalling package when all that is needed is a few rules.