Stateful Packet Inspection against any kind of Malware!

beatnik beatnik at mail.gr
Wed Aug 11 14:49:28 EEST 2004


Let's assume that I do not want to run critical security updates (patches)
by Micro$oft.

a) I was wondering if just a firewall can save my ass without even using
AV. Is there a WinXP firewall tool with stateful packet inspection that I
will configure to accept inbound traffic only as a response to my
previous outbound connection?

b) If there is one, then I would also like that firewall to inspect each
incoming packet to my network interface and, if the data portion of the
packet matches a virus/trojan/worm or any kind of malware packet, then
it will simply have to drop it.

That way, even if I deliberately choose to open a virus-infected link or a
worm-infected attachment, my OS will still be in no danger at all, even
without running an AV or patches!

I think this is a logical demand, and we don't have to search every day for
patches to secure the holes in our OS; instead we will leave the firewall to
update its database automatically.

Antivirus packages, after all, don't work as they should, in my opinion! They
wait for your machine to get infected with a virus which is stored in an HDD
file, and then, because they have a scannable object in their hands, only
then can they delete the damn thing....

I believe Stateful Packet Inspection, by examining the contents of the IP
packets' data portion against a malware (trojan/worm/virus) database that
would update itself periodically, would be a far more secure approach.
No?!?!

What do you guys think of it? Am I asking too much?


-- 
Just because I can, doesn't mean I will.
Just because I don't, doesn't mean I can't.
Just because you say so, doesn't mean I'll change.
And above all, just because you want it, doesn't mean I care.
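
Added example, not part of the original post: a small Python model of the two behaviours asked for in (a) and (b), a state table that admits inbound packets only on flows opened from the inside, plus a payload check against a signature list. The class and function names, the addresses and the signature string are all constructed for illustration; the check keeps a short tail of each flow so a signature that straddles two segments is still matched.

```python
from dataclasses import dataclass

# Constructed placeholder signature; a real product would load a vendor-updated database.
SIGNATURES = [b"EXAMPLE-MALWARE-MARKER"]
KEEP = max(len(s) for s in SIGNATURES) - 1   # bytes of history needed per flow

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    payload: bytes = b""

class StatefulFilter:
    """Hypothetical host firewall: reply-only inbound plus payload signature matching."""
    def __init__(self, local_ip):
        self.local_ip = local_ip
        self.flows = {}  # (local port, remote ip, remote port) -> tail of inbound bytes seen

    def handle(self, pkt):
        """Return 'ALLOW' or 'DROP:<reason>' for one packet."""
        if pkt.src == self.local_ip:
            # (a) An outbound packet creates the state that later replies must match.
            self.flows.setdefault((pkt.sport, pkt.dst, pkt.dport), b"")
            return "ALLOW"
        key = (pkt.dport, pkt.src, pkt.sport)
        if pkt.dst != self.local_ip or key not in self.flows:
            return "DROP:unsolicited"
        # (b) Scan the previous tail plus this payload, so a signature split
        # across two segments is still seen when its second half arrives.
        window = self.flows[key] + pkt.payload
        if any(sig in window for sig in SIGNATURES):
            del self.flows[key]              # tear the flow down; later packets are unsolicited
            return "DROP:signature"
        self.flows[key] = window[max(0, len(window) - KEEP):]
        return "ALLOW"

def demo():
    """Run four constructed packets through the filter and return the verdicts."""
    me, web = "192.0.2.10", ("198.51.100.7", 80)
    fw = StatefulFilter(me)
    return [
        fw.handle(Packet("203.0.113.9", 4444, me, 135, b"hello")),         # no prior outbound
        fw.handle(Packet(me, 50000, *web, b"GET / HTTP/1.0\r\n\r\n")),     # opens the flow
        fw.handle(Packet(*web, me, 50000, b"HTTP/1.0 200 OK\r\n\r\nEXAMPLE-MAL")),
        fw.handle(Packet(*web, me, 50000, b"WARE-MARKER and the rest")),   # completes signature
    ]

if __name__ == "__main__":
    print(demo())
```

The third packet is allowed because the signature is not yet complete, so a per-packet filter of this kind stops the remainder of the transfer rather than the bytes already delivered, and it can only match payload it sees unencrypted and uncompressed.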




