Hi Matt,
on Monday, 2005-08-29 at 14:54:46, you wrote:
> I'm not trying to do anything complicated like protect a LAN or include 
> a DMZ or run an ftp server or anything like that.  I'm just looking for 
> a quick and easy way to add another layer of protection to my desktop by 
> closing all unused ports. 

Well, if they are unused, they are closed, no need to worry about them.
The only thing you'd need some packet filter (a firewall is something
different, although the term sounds so good that the marketroids have
established it even for simpler things than iptables) for is if you want
*restrictions* on some ports, like to open your web server to the LAN
but not the internet.
On Windows, the situation is a little different as you don't have a lot
of control about what program opens what ports if you don't know your
system inside-out. And many programs love to connect to their masters
and tell them all kinds of stuff about your system, so you'd usually
want to block these on an application level.
If you just want something that pops up once in a while and gives scary
messages, there's the ususal Perl one-liner :)

perl -e 'use Tk;while(1){sleep(rand(290)+10);new
MainWindow(title,"Boo!")->Button(-text,"HackAttack!!!one!\n\nBlock")->pack;MainLoop}'

cheers!
	Matthias
-- 
I prefer encrypted and signed messages.       KeyID: 90CF8389
Fingerprint: 8E 1F 10 81 A4 66 29 46  B9 8A B9 E2 09 9F 3B 91