I have a router. Do I still need "Internet Filtering" enabled??

Since I have a router, is it safe for me to only use looknstop's app control?

Do I still need internet filtering?

 

When I had a router (Netgear RP614v2) with a firewall I did not get anything in the lns log for incoming traffic. Simply because there was nothing to report
But it did do no harm having internet filtering activated. I used it mainly to test (and learn) different configurations of the firewall in the router.

 

If you run more than one computer behind the router, it still makes sense to keep at least application filtering, but also Internet filterning active.
Imagine, you have an additional notebook that is connected at public internet cafes from time to time. If this notebook caught some virus/trojan horse out there and afterwards you plug it in back home, it could easily infect all of your other computers in the local LAN behind your router.

Thomas

 

Can someone explain how this is possible? How can the trojan get transferred from the notebook to the other home computers?

Also, how can internet filtering prevent this?

And is this the only reason to have internet filtering enabled (with the use of a router)? What if I don't use my notebook outside of the home? Do I still need it?

 

Assuming your notebook got infected somehow and you connect it back to your local network, the router will not control local traffic between the computers connected to this router. So, this "intranet" is not protected! Assuming your infected notebook starts looking for some more new victims, it could search for shared files, open ports, other possibly unpatched Windows systems. Windows XP might be protected by it's build in firewall, but when it is turned off or you are using Win2k or Win98....
This is why my computers still use Internet filtering by LnS, even if they are behind the router.

Thomas

 

Not only that but your router won't filter traffic the same way LnS will. Your router will allow any kind of communication that your system has sent a request for, LnS will put all sorts of exceptions on that. I don't generally see any unsolicited inbound attempts, but I do see plenty of things in my log from apps that I have running. Using Phant0m's ruleset I've even seen some of the more complex tricks that Phant0m specifically created rules for show up in my log while using P2P. Using the internet filtering also doesn't create any overhead.. I've never seen any difference in performance with that on vs when it's off.. of course I don't see any difference with LNS shut completely down, either

In short, yes - it's worth having packet filtering.. a (non-SPI) router isn't a real firewall.