I currently have a basic Netgear NAT router. It's good, reliable, and does it job. However, I want to secure myself a little more than what NAT does. So I'm strongly considering a new firewall implementing stateful packet inspection. Why am I so paranoid? Well I am nearly always on IRC - which is a packet/script kiddie haven. This new firewall I seen (for a good price) claims to prevent Denial of Service (DoS) attacks such as Ping of Death/Teardrop, SYN Flood/LAND Attack, Smurf Attack, IP Spoofing, Port Scan, etc. It also incorporates NAT.

From what I can tell, NAT doesn't block DOS attacks. It just hides your internal network from the outside world. Will a stateful packet inspection firewall be a good investment over just a NAT firewall to increase security? But then again, I've heard nothing will protect you from DoS attacks. You're router will still get hit with the packets, it just won't respond (so it will still consume your bandwith thus knock you off). Is this right? And should I get a stateful packet inspection router (with NAT) over a router with just NAT? Thanks.