Anything out there as far as firewalls or antimalware, like ZoneAlarm or Windows Defender for the PC?
I used to subscribe to ZoneAlarm on the PC. I dropped over two years ago because they "improved" it to the point it became unusable and unreliable. In earlier versions, it worked well and was simple. Then they made configuring it such a chore, I gave up on it.
So I tried TinyFirewall, given its good reputation for minimalism. I found it was a bigger nightmare than ZoneAlarm.
On the Mac, we have a cute program called Little Snitch. It handles my basic firewalling needs. And even granny can understand it. My Mac buddies all agree: they need to make a PC version of this program! They emphasize simplicity and control. It just couldn't be easier for non-server use.
I can't name all the programs I've seen over the years that have been destroyed by feature-creep and feature-bloat.
Beyond that, the System Preferences offers simple firewall control for Samba, file sharing, FTP server, SSH, Remote events, printer sharing. OSX is so secure that the firewall in System Preferences isn't even enabled by default. It's debatable but I turned mine on.
If that's not enough, you also have the full-blown UNIX standard
ipfw firewall and the new
ip6fw firewall along with the full suite of network traffic shaping and proxies and nameservers and, well, all that UNIXy stuff. There is nothing else that compares to this time-tested solution for firewalling. But it is command-line stuff so it's not for granny.
ipfw uses a set of up to 65535 rules to route and shape traffic. Here is a simple sample of the rules:
02000 allow ip from any to any via lo*
02010 deny ip from 127.0.0.0/8 to any in
02020 deny ip from any to 127.0.0.0/8 in
02030 deny ip from 224.0.0.0/3 to any in
02040 deny tcp from any to 224.0.0.0/3 in
02050 allow tcp from any to any out
02060 allow tcp from any to any established
02065 allow tcp from any to any frag
12190 deny log tcp from any to any
20000 deny log icmp from any to me in icmptypes 8
65535 allow ip from any to any