Well, to throw in my bits, what MechCow said is 100% correct. Software firewalls are often not a good solution at all, and here's why. First, as already mentioned, data has to (literally, actually) physically enter your PC as an electronic signal (packet of data) before your software can stop it. More technically, it has to enter the TCP/IP stack of your network driver, be delivered to software wedged into the kernel somewhere and then be defined as bad or not bad (I won't say good... just not bad). By the time the data is here, it can DoS you (denial of service... cause problems with your connectivity and speed), it can overflow buffers in your driver, in the firewall software or possibly in another process running nearby in memory.
The second downside of software firewalls is that they generally do not behave in a rational way for trying to set up/configure new allowables (this goes for ZoneAlarm and Windows Firewall and McAfee (?) for sure). Sometimes things will mysteriously work or not work when they should not work or work. Also, removing the programs later or even disabling them will not always have the expected effect.
Using a hardware firewall (even a cheap one) will prevent the vast majority of the above-listed issues, the only downside being the purchase and configuration of a new piece of network hardware.
Oh, actually, I didn't mean to post only about the firewall, so here's the other stuff:
600 is LOW LOW LOW for 48 hours, even behind a typical firewall. In most standard setups, you'll get ICMP/IGMP packets in a cable subnet that the firewall will block. They're not likely malicious, but your system has no good reason to respond to them. Someone also may have a service sending packets over broadcast or multicast which, in most places, get stopped on the cable network, but not everywhere, depending on how your local hubs/trunks are set up. High priority alerts are the only thing to generally be worried about.
Last edited by xepherys; 06-07-2006 at 08:57 AM..