After seeing the latest ZoneAlarm update (it has an even larger "mind of its own" when it comes to the safe-list safePrograms.xml, which I really don't like) I'm seriously considering switching to another personal firewall. I came across Jetico which seems like a nice no-bloatware thing. Any thoughts, suggestions, recommendations...?
Then there are other options. It is a good idea not to run any servers, which listen() to the wild, of course. Unfortunately, Windows in its default configuration runs many such servers. Nobody knows why, of course, because usually no-one needs or even wants them (most people don't even know).
But these servers are the reason why one will need filtering software on a Windows box.
Switching off these software programs will result in not needing any port filter software any more.
Unfortunately, Microsoft makes it difficult for Windows 2000 and Windows XP users to switch them all off. This is why Torsten Mann created this very useful script:
If you're not used to dealing with scripts, I hacked a small Windows program, which does just the same:
If you're running Windows 9x, i.e. Windows 95, Windows 98 or Windows ME, then it's very easy for you to switch those servers off: just unbind them from the TCP/IP network protocol in the network settings.
Please test with:
C:\> netstat -an
whether there is no process LISTENING any more, which is not bound to localhost 127.0.0.1, _before_ you connect to the Internet again.
If you're doing so, and if your PC is not offering anything to the Internet any more, then you don't need a packet filter any more.
If you want a packet filter, Windows 2000 also has one. It's a little bit hidden, because Microsoft calls the user interface for it "IPSec" (which of course usually is something completely different ;-)
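The `netstat -an` check described in the post above can be automated. The following is an added example, not part of the original thread or of the script it mentions: it parses Windows-style `netstat -an` output and reports every socket not bound to loopback. It goes slightly beyond the post by also covering IPv6 and bound UDP sockets; the sample output and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of Windows `netstat -an` output (not from a real host).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1030         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1044      203.0.113.5:80         ESTABLISHED
  TCP    [::]:135               [::]:0                 LISTENING
  TCP    [::1]:5000             [::]:0                 LISTENING
  UDP    0.0.0.0:445            *:*
  UDP    127.0.0.1:123          *:*
"""

def is_loopback(addr):
    try:
        # Drop an IPv6 zone id such as fe80::1%4 before parsing.
        return ipaddress.ip_address(addr.split("%")[0]).is_loopback
    except ValueError:
        return False  # unparsable address: report it rather than hide it

def exposed_listeners(netstat_output):
    """Return (proto, addr, port) for sockets reachable from outside localhost."""
    found = []
    for line in netstat_output.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # header, blank line, or unrelated text
        proto, local = fields[0], fields[1]
        # TCP: only LISTENING rows count. UDP rows have no state column;
        # a bound UDP socket shows *:* as its foreign address.
        if proto == "TCP" and (len(fields) < 4 or fields[3] != "LISTENING"):
            continue
        if proto == "UDP" and fields[2] != "*:*":
            continue
        addr, _, port = local.rpartition(":")
        if port.isdigit() and not is_loopback(addr.strip("[]")):
            found.append((proto, addr.strip("[]"), int(port)))
    return found

if __name__ == "__main__":
    for proto, addr, port in exposed_listeners(SAMPLE):
        print(f"{proto} {addr}:{port} is reachable from the network")
```

An empty result corresponds to the state the post asks for before reconnecting to the Internet.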
That's something of a mantra from you, so I looked up old messages for an explanation of your opinion. I've wondered how a fw would prevent reaching out and touching someone via http, and you demonstrate the answer: it can't (though I suppose an opsys hook could prevent it). And maybe I didn't look hard enough, but I didn't find anyone offering a technical argument why you are wrong.
Of course, Gibson says ZoneAlarm is the cat's ass; perhaps that's enough. And there are testimonials like "I've used 'Impregnable' for 50 years and never got infected." (Never mind that this is like the person who, when told that Homeland Security Dept. is a bureaucratic boondoggle, says that can't be true because we've had no attacks since it was created.) But all that aside, it's just general knowledge that anything included in Windows must have some serious flaws.