to talk to itself internally it can appear as a server to a software based firewall. A real (hardware) firewall would never complain about this because it is concerned with packets coming into and out of the machine and doesn't see what is happening inside the machine. The software firewall however sees any activity on the TCP/IP stack of your computer.
It's not that it's checking for updates, but that it is opening sockets internally to talk to itself that causes ZoneAlarm to complain. In this case ZoneAlarm is wrong though. Firefox is NOT acting as a server and is NOT sending any information out the the internet. It's just having a quiet conversation with itself. :-) In short, it's nothing to worry about and you can safely give Firefox what ZoneAlarm is mistakingly calling "server" permissions.
https://bugzilla.mozilla.org/show_bug.cgi?id=100154#c18 NSPR pollable events are implemented with a pair of TCP sockets on Windows. Unfortunately this requires opening listening sockets on the loopback address temporarily.
In NSPR 4.2 I added code to PR_NewTCPSocketPair to only accept a connection from the other socket created by the same invocation of the function (bug 106496). This should eliminate the security issue, but not the temporary listening sockets.
I don't know how to implement NSPR pollable events on Windows without using a pair of TCP sockets, so I am marking this bug WONTFIX.
NSPR is the Netscape Portable Runtime, a part of Firefox.
http://www.mozilla.org/projects/nspr/about-nspr.html NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management (malloc and free) and shared library linking. A good portion of the library's purpose, and perhaps the primary purpose in the Gromit environment, is to provide the underpinnings of the Java VM, more or less mapping the sys layer that Sun defines for the porting of the Java VM to various platforms. NSPR does go beyond that requirement in some areas and since it is also the platform independent layer for most of the servers produced by Netscape.
It is expected and preferred that existing code be restructured and perhaps even rewritten in order to use the NSPR API. It is not a goal to provide a platform for the porting into Netscape of externally developed code