Ok, that makes more sense, but that also means that if a trojan has an established connection/port with the hacker at the destination IP, then I can't shut it down (aside from shutting the computer down or unplugging the cat5 cable)? There must be a way to manually close ports.

How long does it take sessions to time out (I assume they time out due to inactivity)?