NAT really isn't a firewall - it doesn't help the fact that you've got the machine unprotected - it just hides it behind another IP. The best firewalls are stateful and have some kind of mechanism to check packets for known-bad signatures (ie: Code Red packets).
Windows XP Service Pack 2's firewall is much improved over the original Internet Connection Firewall, but (for obvious reasons) most people wouldn't want to upgrade to a beta service pack of their OS.
__________________
Eat antimatter, Posleen-boy!
|