During my testing of a number of software firewalls, it became clear that none of them offered complete outbound security as revealed by a number of tests. A number of firewall vendors put forward the argument that firewalls are mainly to block incoming threats and therefore leave outbound security to AV/AT programs. Since these tests have been available for 2 years or more, I am surprised that very few freeware/commercial firewalls appear to pass all of these tests. In my experience, a number of software vendors have little knowledge of the firewall testing programs, both inbound and outbound, available on the net. Therefore, they are surprised when their particular product fails particular tests. 3 main questions arise. 1. How can the average computer user protect him/herself against malware determined to get out. Is inbound protection sufficient? 2. What is the significance/reliability of these outbound tests e.g.tooleaky? 3. Is this again an example of 'snakeoil'!!!!!