Why you need an Outbound and OS Firewall:

Hacker tricks that only outbound and OS firewalls can stop

Inbound-only firewalls can’t stop these hacker activities.

• Someone who uses your computer may be deceived into installing a seemingly safe download, such as a screensaver, which hides malicious software in it. Such trojan horse malware can be used to set up a “back door” security hole for hackers. Some trojans set themselves up to receive connections from the outside so a hacker gains access. The ZoneAlarm OSFirewall, however, is designed to detect and alert you to this kind of behavior so you can stop it.
• A spoofing attack is a situation in which a person or program masquerades as another by falsifying data in order to get past the inbound firewall. Once the intruder is in, only an outbound and OS-level firewall can protect you by detecting and blocking his suspicious behavior.
• A security exploit is a program crafted to take advantage of a security hole or “back door” in an application or operating system. Hackers also use “vulnerability scanners” to quickly check computers on a network for such known weaknesses.
• A rootkit is a collection of programs that enable hidden privileged access to a computer or network. Typically, a hacker installs a rootkit after accessing your computer by exploiting a vulnerability or cracking a password. Or, the rootkit may even be hidden on a CD or DVD. Rootkits are difficult to get rid of because they activate each time your computer starts up. They may be discovered by good antivirus software, but they are difficult to detect before they do harm. This is why the ZoneAlarm OS Firewall works hard to stop the rootkit from even being installed---by detecting behavior that indicates a rootkit installation is being attempted.