Internet Security Diagnostics: Outgoing Filters
Diagnostics / Security
To improve the security of internet communications, global filters can be used in the FRITZ!Box. A number of filters are enabled by default in the FRITZ!Box, others are disabled upon delivery. The filters enabled in the FRITZ!Box by default filter packets which are normally not required for communication.
- Disable the enabled filters only if you want to run applications that require these packets.
- Enable the disabled filters only if you want to block the unsecured dispatch of email, or if you want to make it more difficult to identify your FRITZ!Box.
Firewall Stealth Mode
In stealth mode the firewall rejects unsolicited queries from the internet without comment, instead of replying with ICMP control messages. It continues to reply to queries frequently required by programs.
| Filter Setting | Meaning |
|---|---|
| disabled | The filter is not enabled in the FRITZ!Box by default. |
| enabled | Enable this option if you want to make it more difficult to identify your FRITZ!Box through port scans. |
SMTP Filter
The SMTP filter blocks SMTP packets. SMTP is an email transport protocol that serves to exchange email in computer networks.
The SMTP filter blocks the dispatch of e-mail via the unsecured port 25.
| Filter Setting | Meaning |
|---|---|
| disabled | The filter is not enabled in the FRITZ!Box by default. |
| enabled | Enable this filter in order to block uncontrolled sending of email messages (for instance, by malware on devices in the home network). Use only secure email servers if you would like to enable this filter. |
NetBIOS Filter
The NetBIOS-Filter blocks NetBIOS packets. NetBIOS packets are usually not required for communication in the internet.
| Filter Setting | Meaning |
|---|---|
| NetBIOS filter enabled | This is the default setting in the FRITZ!Box. When this setting is enabled, NetBIOS packets are blocked by the FRITZ!Box's packet filter. |
| NetBIOS filter disabled | When this setting is disabled, NetBIOS packets are allowed to pass through the FRITZ!Box's packet filter. Disable the NetBIOS filter only if you are using applications that have to exchange NetBIOS packets with the internet, as would be the case, for instance, for SMB access to the Strato HiDrive. |
Teredo Filter
The Teredo filter blocks Teredo packets. Teredo is a tunnel protocol that uses UDP to tunnel IPv6 packets over IPv4. With Teredo individual devices in the home network can establish their own IPv6 connections. IPv6 connections with Teredo are not usually necessary if the FRITZ!Box provides a native IPv6 connection for the home network.
| Filter Setting | Meaning |
|---|---|
| Teredo filter enabled | This is the default setting in the FRITZ!Box. When this setting is enabled, Teredo packets are blocked by the FRITZ!Box's packet filter. Devices in the home network cannot use Teredo to establish IPv6 tunnels. |
| Teredo filter disabled | When this setting is disabled, Teredo packets are allowed to pass through the FRITZ!Box's packet filter. With Teredo devices in the home network can establish their own IPv6 connections. Note the following if the FRITZ!Box provides a native IPv6 connection:
|