Wow, lots of interesting posts so far, but what I'm wondering from all of this is that why would I need any type of packet filtering, state inspection, etc. type of firewall ( excluding the application ones ). I use my laptop the majority of the day. I dont offer any services so if someone were to scan me, I doubt it would cause me to panic. For that matter what would a firewall be useful for except at points of entries into the network. If you or the company are running a web/ftp/whatever server, you would have to still open up the ports so that users can connect to it. So what would the purpose of the firewall be in that case? It shouldnt prevent anyone from connecting to the service because you offered it. In certain situations I can understand the need for a firewall, such as banning certain IP addresses. Then that would mean you really only need a few firewalls. The primary one would be the entry from the Internet into the network. The 2nd one might be from a DMZ to the internal network. Would there be a need for firewalls anywhere else?

My concern are about programs that dial out, whether they are on a laptop or PC. How can I be sure that as I've said, XYZ program doesnt connect to Timbuktu? Granted I shouldnt be installing software from sources that arent trustworthy, but I use my laptop a majority of the time. I like to mess around with new software. I'm not going to be told ( and by whom? ) that I shouldnt install the software because its unsafe. I want to know that after I install it, if it connects out. I want to say, ok this program is dialing out for some reason that I'm not sure of and I want to stop it. That goes for any program that I install. I guess this comes down to an issue of trust. I want to trust that my software isnt making who knows what connections to who knows where. And if it is, I want it to stop.

Would a firewall be used in this case? Would it even be called a firewall? I guess it might be a "reverse" firewall. One in which outgoing connections are prohibited. I dont care about connections that come in ( well maybe a little ).

Before I forget, I did try out the XP ICF, it seemed simple enough except I couldnt trust it. I checked that little box that would alert me about any outgoing connections and it didnt do it . Fired up my browser and not a peep. Used the LiveUpdate feature from Norton Ghost and nada. Dont even want to know what else that things not telling me.