Norton vs Zone Alarm firewalls

Specifically with regard to your question I think an important part of the answer is which firewall software you are more comfortable with. By that I mean which product's interface and features make the most sense? Firewalls have many features which can be often be configured in multiple ways. The more you understand the product the more likely you will configure it optimally and get the best protection. Zone Alarm is a good choice if you want to be involved. On the other hand, some folks prefer security software that requires as little user interaction as possible and the Norton products are a good choice in that case because by default they handle a lot of the decision making. I'm not familiar with the firewall included in NIS 2008 so I can't comment specifically on it, but it did get a very good review at pcmag.com. Hope this helps.

Definitely.

I think you are both correct. Doing both makes it more difficult for malicious software to work. Doing one without the other can be a vulnerability.

Note: I am sorry that I had to add the other newsgroups back into the list of recipients of this, but I am unable to send to just comp.security.firewalls.

Outlook Express won't send anything without some user involvement. In the past, it was possible for unauthorized software to spread themselves in the manner you describe but now Microsoft does not allow it. Certainly there is potential for sophisticated software to bypass such things, but if it were as easy as you say, we would sure hear about it.

Windows, at least prior to Vista, is surprisingly vulnerable to software that is allowed to execute in a system. It is so vulnerable that it is nearly impossible to make a system totally safe from software running in a system. There are many ways for software to inject a DLL or other code into another process. Good antivirus software will catch most of those, and detection of injection is a critical way to catch most malicious software and that is how antivirus software might also catch many valid utility software.

Regardlous, use of OE in the manner you describe is not as easy as you indicate.

Which is exactly what happens.

Malware you'd allow to run wouldn't have issues with it either.

Agreed. Now please tell that to vendors of so called "security software".

Now, you're the one spreading misinformation here. This is only true prior to XP SP2 unless you turned on the firewall or, even better, shut down your network services.

I had a W2K machine directly connected to the net for years, without any "protection" and without any problems, so you are obviously wrong.

Referring to grc.com does not improve your argument. Quite contrary.

Stealth is hype and doesn't add anything in terms of security.

meaning you don't have a clue...

And you were the one warning against misinformation...