-
keep your computer up to date on service packs and patchs (thats all the software on your computer) and take basic precautions and you'll be fine. it takes finding a vulnerability or getting a user to do something foolish for someone to breakin and/or cause harm.
anti-virus and anti-spyware software are a must. well not really a must but are much more forgiving if you make a mistake...and it doesn't take much to make one (going to a warez site is a mistake) along with something that prevents and alerts to registry changes. most maleware needs to make a reg entry in order to restart with your computer. spybot s&d along with a few others have this capability included. theCleaner from moosoft has a reg tracker/alerter that doesn't expire like its trojan detector does when the trial period is over. you might decide you like it and buy it. there's a few others to be found but unknown software comes with unknown risks. check things out before you install
if you connect to the internet threw a router the only reason you could need a software firewall is for intrusion detection. to see what your computer is sending out and make sure it doesn't come from spyware/trojans/viruses etc.
-
Erm, there are better tools to use for intrusion detection than most personal firewalls. Most are free and have free resources on the net to teach you to use them (I know you know this Tedob1, I just have to put the argument out for everyone else).
Besides, nothing wrong with having personal firewalls set up on the machines in your internal network, if properly configured you may be able to keep yourself from getting the worm that your wife/kids were hit with on their machine.
Part of the firewall testing methodology I was going to explain later (if asked) includes using some basic snort and tcpdump/windump to ensure that the traffic that isn't supposed to make it through the firewall doesn't. Maybe I should do a quickie tutorial just for fun. =p
