Hits and bits

[Figure: ZoneAlarm Firewall In/Out hits]

After months of being too busy, I finally managed to finish up the program that imports ZoneAlarm logs into a Postgres database (trust me, you need a tank to deal with this kind of data): I’ve been using ZoneAlarm, literally, before I turned on this laptop in February of 2004 and ever since then I’ve been collecting all these ‘hits’ and ‘events’ data. Food for statisticians.

[Figure: ZoneAlarm Application Events]

A total of 468,194 hits (in/out) and a total of 20,001 events (application access) were logged in over 700 files: the Postgres import utility took less than an hour to pump the data into two giant tables (appropriately named ‘fwall’ and ‘fevents’). It took me longer to make the graphs work in OpenOffice than to program the data collectors. Not joking. The above graphs are the results of the initial queries (pre-finetuning), but already highlight the following detail: I bought my router in April of 2005 and since then things have remarkably slowed down (marked red in both graphs). Notably things heated up in June 2004 and September of 2004, and a quick glance in the security reports tells me that in June/July it was ‘Beagle’ month and in September it was ‘MyDoom’ month.

I’ll have to dive into the ‘port’ query to confirm those particular virus and trojan attacks (most of them use a certain number of ports). It would also be interesting to finally extract the IPs and group them by location.
