Assigning Network Location Profiles


One of the simplest things you can do to protect yourself when connected to a network of any kind is to use a firewall. It serves as a barrier of sorts between the computers you control and the computers you don’t. One of the main uses of a firewall for an average user is to protect their home computers (that they own) from the vast network called the Internet (computers they don’t own). Firewalls are not a new concept and have been around for ages. However, back in the day, many users were pretty naive in thinking that the Internet would not be used as a mechanism for exploiting remote computers. Well, I’m pretty sure you already know how silly that idea is today. In my opinion, it’s imperative these days that we all deploy some type of firewall before connecting our computers online.

I’ve talked about firewalls in more detail in an older article, so if you need to get more familiar with the concept, I suggest you read it. In fact, to really understand how network locations are beneficial, you first need to understand how firewalls work to protect you.

I was surprised the other day when I was helping a friend connect his laptop to a wireless hotspot somewhere in Vietnam to learn that he had no idea what network locations are. He has successfully connected to other wireless networks in the past but he had no clue as to what assigning a network to a location profile would do for him. Even though he got some help text in selecting a network location for his connections, he wasn’t really sure what was happening in the background. In other words, why pick a network location in the first place?

Firewall in a Nutshell..

Network locations are a simple concept once you understand how a firewall works. Even if you are not a firewall expert, as long as you understand the basics of how it functions, you’ll quickly realize how network locations work as well. Basically, most firewalls revolve around rules. Before a program or application can be reached from the Internet, the firewall looks through its rule set for a rule pertaining to that specific application. If there is one, the firewall enforces it (to allow or disallow communication). If it can’t find a rule, it will usually ask you, the user, to decide whether to allow or disallow the program/application from communicating through the firewall. Once you have made your decision, the firewall should be smart enough to remember it so it doesn’t have to bother you again in the future (unless you tell the firewall to ask you every time that application launches).

Network Locations

With network locations, you get to decide which set of firewall rules to automatically apply to that new wireless connection you have just connected to outside of Starbucks or McDonald’s. A better term for some might be network profiles instead. When we assign a network connection to a location or profile, we are saying “OK, I want this connection to inherit this set of firewall rules automatically from now on”. In the Windows operating system, there are three locations (four if your computer is joined to a domain) that you can assign to a connection. They are called Home, Work, and Public. The Home and Work locations are closely related, the main difference being that the latter cannot join a Windows HomeGroup. Therefore, the main distinction is between Home/Work (labeled as Private) and Public. So for example, you could allow the AIM Instant Messenger to be used when your computer is connected to your home network, which has the Home network location applied to it, but disallow it when you connect to an anonymous wireless hotspot at the airport, which you label as Public.

So now some of you reading this might be wondering what the big deal is. Well, think of this from a security standpoint. The most important network location by far from a security point of view is Public. Think about this for a second. When you connect to a public hotspot, you have to remember that you’re not the only person who has access to this network. If it’s public, then it must be free as well. Therefore, you can bet all your money on the table that someone else nearby is also using that connection. A typical example, once again, is when you roam into a Starbucks or McDonald’s and have access to free Wi-Fi. If you see others around you with their laptops open and surfing the web, there is a good chance that they are using that free Wi-Fi connection as well. The more users there are, the bigger that network grows. Here is the million dollar question: How can you be sure that every person on that network isn’t a malicious hacker of some sort out to steal your data? The correct answer is you can’t! Even if you walk around the entire store personally asking everyone if they are trying to steal data, and even if I give you the benefit of the doubt that they answer “No” honestly, what about that person out in the parking lot? Remember, this is a Wi-Fi connection we are talking about.

Free Wifi

To help us in this situation, as soon as we connect to that public Wi-Fi connection, we label that connection as Public. You might have noticed that every time you connect to a new network, the Network Location window will pop out asking you to choose a location profile for that connection as seen here:

Network Location

Once we do so, the firewall rule set for the Public profile will be applied to your computer. What’s so good about doing this? Well, by default, Windows configures the Public firewall rules to be strict in nature. When I say strict, I mean that many important network services will be disallowed. To view and/or configure the firewall rules, we simply head over to the Windows Firewall component. Type Firewall into the Start menu’s search box and select Windows Firewall from the available options.

Firewall Search

Before viewing the actual firewall rules, you’ll want to make sure that your firewall is actually turned on. In the left hand column, select the “Turn Windows Firewall On or Off” link. Be sure that both the Home/Work and Public firewall sections are enabled:

Firewall On/Off

Head back to the previous page and now select the “Allow a Program or Feature Through Windows Firewall” link. Immediately, you’ll see a big list of programs and services. To the right of the application/service name, you’ll see two columns: one for the Home/Work profile and the other for Public. For an application or service to communicate through the firewall, it needs a check mark under the appropriate profile. If you look under the Public column, there should be a lot fewer enabled applications and services than in the other column. Two big services that are disabled by default under the Public column are “File and Printer Sharing” and “Network Discovery”. As long as these two services remain disabled under the Public column, it will be a lot harder for strangers connected to the same public Wi-Fi as you to detect your presence on that network. I’m not saying it’s impossible, but just a lot harder.

Rule Set
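
The same checks can be scripted instead of clicked through. The PowerShell below is an added example, not part of the original article; it assumes Windows 8 or later (where the NetSecurity and NetConnection cmdlets ship, and where Home/Work is shown simply as Private), an elevated prompt, and the English rule-group names used above.

```powershell
# Added example: audit firewall state and what the Public profile lets in.
# Assumptions: Windows 8 / Server 2012 or later, English display-group names.

# 1. Is the firewall turned on for every profile?
$off = Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' }
foreach ($p in $off) { Write-Warning "Firewall is OFF for the $($p.Name) profile" }

# 2. Which location has each current connection been assigned?
Get-NetConnectionProfile |
    Format-Table Name, InterfaceAlias, NetworkCategory -AutoSize

# 3. Enabled inbound allow rules, in the two sensitive groups, that apply
#    to Public. A rule whose Profile is 'Any' applies to Public as well.
$groups  = 'File and Printer Sharing', 'Network Discovery'
$exposed = foreach ($g in $groups) {
    Get-NetFirewallRule -DisplayGroup $g -ErrorAction SilentlyContinue |
        Where-Object {
            $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and
            $_.Action -eq 'Allow' -and "$($_.Profile)" -match 'Any|Public'
        }
}
if ($exposed) {
    Write-Warning 'These rules are reachable on networks labelled Public:'
    $exposed | Format-Table DisplayGroup, DisplayName, Profile -AutoSize
} else {
    'File and Printer Sharing and Network Discovery are closed on Public.'
}

# 4. Everything else allowed inbound on Public: the attack surface that
#    every Public network you join will see.
Get-NetFirewallRule -Enabled True -Direction Inbound -Action Allow |
    Where-Object { "$($_.Profile)" -match 'Any|Public' } |
    Sort-Object DisplayGroup, DisplayName |
    Format-Table DisplayGroup, DisplayName, Profile -AutoSize
```

Step 4 is worth re-running after installing software, since an allowance granted once under Public stays in force on every other Public network.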

The fewer services and applications you make available, the smaller the potential attack surface of your computer when accessing a public or untrusted connection. The smaller the attack surface, the harder it will be for attackers to find a way in. At any time, you can easily change the network location for a given connection by heading over to the Network and Sharing Center within Control Panel. Click on the currently set network location and the “Set Network Location” window should appear, allowing you to select a new profile.

Network and Sharing Center

There is one important thing to remember, folks. Network locations are based on your Windows firewall profiles. For each application/service you allow or disallow, the firewall will remember the selection and apply it to all future connections under that same network location type. For example, if you connect to a public hotspot, label it as a Public connection and then allow the AIM Instant Messenger application to communicate through the firewall, then that application will also be able to communicate through the firewall on every other network you connect to and label Public. If you find the need to allow many applications through the firewall for a Public connection, you might want to consider putting that connection in a different network location instead (Home or Work). While it might be unsafe for this one connection to be in the Private group, it is even more dangerous to have all future Public connections adhere to the “relaxed” rules due to that one connection.

