Wednesday, June 29, 2011

Why Use A VPN? Reasons Why You Should Use a VPN Explained

Don't think a VPN is right for you? Consider the following practical reasons to use a VPN service provider:

1. Securing Wireless Connections / Public Wi-Fi

If you use wireless hotspots / public wi-fi, your traffic is open to be easily monitored by both the persons providing the wireless access, and others on the wireless network (as they all have the security key). This makes session hijacking rather easy - as the recent FireSheep extension for Firefox demonstrates. In other words, it's quite simple for another person to hijack your Facebook, Twitter, possibly even your email account.

An attacker sitting in a coffee shop or on hotel wireless could gather dozens of accounts in short order using this method. By using a VPN, even on a wireless connection employing no security measures, you will prevent these types of attacks.

2. Hiding your IP address / Privacy

When you connect to a VPN provider, the provider issues you an IP address from a random pool of IP addresses owned by the provider. All traffic you send and receive on the Internet passes to and from the VPN provider. Your online presence is now "masked" behind the VPN provider. This connection does not render you anonymous per se but rather pseudonymous, as you are still linked to that IP. Always read a VPN provider's privacy policy to see what information is retained, for how long, and what conditions must be met for the release of subscriber information to a third party.

3. Viewing content outside your geographical area / bypassing censorship

Most VPN providers have servers in many countries, which will allow you to view content from websites that restrict access based on geographical location (e.g. Hulu, Comedy Central, BBC, etc.).

4. Preventing passive traffic monitoring

All traffic passing from your computer to the Internet is easily monitored and logged by an ISP. Many ISPs bury the fact that they do this deep in their Terms of Service when you sign up. If you use a VPN, all traffic on your connection will be encrypted from your computer to the VPN provider, and then pass to the Internet.

5. Preventing bandwidth throttling / traffic shaping

A LOT of ISPs engage in traffic shaping/throttling of certain types of traffic - BitTorrent traffic in particular. If you don't like the idea of your traffic being monitored and shaped, a VPN will prevent this by creating an encrypted tunnel between your computer and the VPN provider. The ISP can only see the tunnel - but not the ports being used and the traffic protocols passing through the tunnel.


Thursday, June 23, 2011

How to Create Custom / Separate Windows 7 Firewall Policies for Individual Users

How to Create Windows 7 Firewall Policies for Different Users:

For various reasons, you may wish to have an account with strict firewall policies (such as those detailed in this post), and another account with more relaxed policies.

In order to do this, both accounts must be Administrators. This may also work with Vista Firewall, unfortunately I don't currently have a Vista box to test it on. This will not work on Windows Vista.

1. Before doing anything, back up your current firewall policy. Run Windows Firewall with Advanced Security (type firewall in Run box).

2. In the right pane, click Export Policy. Save to c:\, as firewallstd.wfw.

3. Create the policies you wish to implement, and export as c:\firewallstrict.wfw.

4. Create this batch file, and save as c:\firewallstd.bat:

netsh advfirewall import c:\firewallstd.wfw

5. Create this batch file, as save as c:\firewallstrict.bat:

netsh advfirewall import c:\firewallstrict.wfw

6. Open Task Scheduler (type task in Run box).

7.  Choose Create a Basic Task.

8. Name this rule as you see fit.

9. For task trigger, select When I Log on.

10. Choose Start a Program.

11. Choose the .BAT file you created earlier. The finishing dialog will appear. Before clicking Finish, tick "Open the Properties dialog for this task when I click Finish".

12. In the resulting window, select Run with Highest Privileges.

Once this is complete, log on to the other account and repeat steps 6 through 12, with the policies you desire for that account. You can remove the "pause" from the batch file if you prefer, but it is helpful to confirm that the policy has properly loaded upon logging in.