The Firewall

A Firewall is a special software component that protects you from unwanted connections and controls traffic flow between OS processes and the network.

In the early days, it was just an advanced security feature of UNIX/Linux operating systems or a network gateway feature in corporate networks that allowed admins to protect the network and reduce the attack surface exposed to the Internet. After certain nasty remote code execution and denial of service attacks on Windows systems, it became a critical standard component introduced in Windows XP SP2 and Windows Server 2003 SP1.

While it requires a certain level of skill/knowledge to manage traffic flow in both directions and keep an up-to-date whitelist, it is still rather easy and useful to block all incoming traffic on your system. Why? Because why would you even want to have your computer exposed to the network, listening for incoming traffic just in case, especially on a mobile device like a laptop or a tablet?

Unless you’re a junior developer sharing something from your system to the network (really bad idea in enterprise environments), no user truly needs it in everyday use. And if you are, just move it to the cloud.

So, if you’re not a control freak, the one good practice that minimizes the chance of your system being hacked from the network is just dropping everything that originates from it. Eve-ry-thing.

On Windows, it is remarkably simple.
Just open Windows Defender Firewall (firewall.cpl), find Turn Windows Defender Firewall on or off, and enable the Block all incoming connections, including those in the list of allowed apps flag on all profiles you find there.
The result is immediate once you hit OK; no restarts needed.

Just do not do it remotely, or you will lose remote access to the system. Only do it remotely if that is your goal. And never try it on a VM in Azure/GCP/AWS; you won’t like the results for sure.

If you are a PowerShell guy, there is a nice one-liner for you:

Set-NetFirewallProfile -All -DefaultInboundAction Block -AllowInboundRules False

Just keep in mind you need full permission on your system as a prerequisite, so run the command from the elevated PowerShell session (aka Run as Administrator).
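
To confirm the setting is in effect on every profile, here is an added example (not from the original post) that reads the effective firewall state and lists what is still listening on the machine. `Test-InboundLockdown` and `Get-ListeningSocket` are hypothetical helper names; the cmdlets they call are the built-in Windows ones.

```powershell
# Added example: audit the result of the one-liner above.
# Helper names are hypothetical; run from an elevated PowerShell session.

function Test-InboundLockdown {
    # ActiveStore is the effective policy (local settings merged with Group Policy),
    # so a domain GPO that overrides the local setting shows up here.
    $fwProfiles = Get-NetFirewallProfile -PolicyStore ActiveStore

    foreach ($p in $fwProfiles) {
        # The values are enums; compare their string form.
        $enabled = "$($p.Enabled)" -eq 'True'
        $blocks  = "$($p.DefaultInboundAction)" -eq 'Block'
        $noRules = "$($p.AllowInboundRules)" -eq 'False'

        [pscustomobject]@{
            Profile              = $p.Name
            Enabled              = $p.Enabled
            DefaultInboundAction = $p.DefaultInboundAction
            AllowInboundRules    = $p.AllowInboundRules
            # Locked down only if the firewall is on AND inbound is blocked
            # AND allow rules are ignored.
            LockedDown           = $enabled -and $blocks -and $noRules
        }
    }
}

function Get-ListeningSocket {
    # TCP listeners bound to non-loopback addresses: these are what the
    # firewall is now shielding from the network.
    Get-NetTCPConnection -State Listen |
        Where-Object { $_.LocalAddress -notin '127.0.0.1', '::1' } |
        Select-Object LocalAddress, LocalPort,
            @{ Name = 'Process'; Expression = {
                (Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue).ProcessName } } |
        Sort-Object LocalPort, LocalAddress
}

$report = Test-InboundLockdown
$report | Format-Table -AutoSize

if ($report.LockedDown -contains $false) {
    Write-Warning 'At least one profile still accepts inbound connections (firewall off, default action not Block, or allow rules honoured).'
}

Get-ListeningSocket | Format-Table -AutoSize
```

The one-liner does not turn on a profile that has been disabled, which is why the check includes `Enabled`. To let allow rules apply again later, run `Set-NetFirewallProfile -All -AllowInboundRules True`.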

Another concern to keep in mind is that with this set, your system will not respond to any connection from the network. So goodbye Remote Desktop, Media Server, Shared Folders, etc. On the other hand, why would you even want to use it on a home system/laptop? Most users do not even know what it is all about, and they do not have to.

Doing it is so easy and natural that it’s the very first action I take on every new system I set up, even before connecting my computer to the network. To me, it is just a habit now to maintain digital hygiene.

For the Linux guys, there is no simple action to take, so check your distro manual or community. It should be there for sure.

For macOS, I do not have one around, but it seems pretty easy too: just enable Block all incoming connections in the Firewall. Credits to Apple for documenting it: Change Firewall settings on Mac - Apple Support

P.S. Fun fact, Android/iOS do not have such a feature at all. I do understand their primary focus is not on security, but why would they keep mobile operating systems open to the network without giving users any option to block it all, not even as a developer feature? So far, I have found apps like GlassWire and NetGuard in the Google Play Store to address it without rooting the device, but that is another story. Wondering if there is something like that for iOS.

P.P.S. Little hint, it helps to protect PCs running an unsupported OS like Windows XP/7/10 from network attacks too. Still, not sure why you might want to run those unless it’s a retro gaming build/old hardware, but it’s better than nothing for sure.

EOF
