I've been using zone alarm now for about 4 years, and am pleased with it. Even formatted my own xml ip blocklist and imported it with great results.
I tried sygate, and found it more of a hassle (Probably because I'm used to ZA)
What in your opinion is the better firewall ZA or sygate?
One other thing: I seem to get alot of portscanning across the netbios range (137,139, 445)
Is this reffered to as "syn flooding"?
Sometimes they are all from the same ip address. Should I add these parties to my blocklist when this happens?
Zone alarm blocks my netbios anyway, but I wonder if I should be concerned at all when my log file shows "extra" activity.
Is this an example of script surfing, or just chatter?
(yes I'm slightly paranoid, but one needs to be on top of things in this day and age)