NT Port Filtering
Microsoft allows for TCP, UDP and all traffic port filtering. The process is one in which an administrator can select acceptable ports, leaving only those services available which s/he chooses. This is much simpler than specifying every port that an Administrator doesn't want. Most servers won't need to allow traffic on any port other than the most common ones: 21 for ftp, 80 for HTTP and 443 for SSL. Keep in mind that these filters only apply to incoming requests. This allows all ports to be closed, but local to remote ftp sessions and pop will still function.
To secure NT 3.5 & 4.0 machines so that they only accept requests to specified ports:
Right click Network Neighborhood
Select Properties
Select Protocols Tab -> TCP/IP -> select properties
Under IP Address Tab -> click 'Advanced' button
Check the 'Enable Security' checkbox -> Click 'Configure' button
Select Radio Button 'Permit Only' -> Add acceptable ports
To secure Windows 2000 machines:
Right click My Network Places -> select Properties
Right click 'Local Area Connection' -> select properties
select 'Internet Protocol (TCP/IP)' -> click 'Properties' button
Click 'Advanced' Button at the bottom
Select 'Options' tab
Select 'TCP/IP Filtering'
Check 'Enable 'TCP/IP Filtering (All adapters)' checkbox
Select Radio Button 'Permit Only' -> Add acceptable ports
-----------------------------------------------------------------
MACHINES WILL BE REQUIRED TO REBOOT IN ORDER FOR CHANGES TO OCCUR
-----------------------------------------------------------------