Well the good firewall should stop it, Alot of firewalls will come streight out and say that someone is trying to access you via Sub7 and then give you their Ip address ( when this happens i usually ping them and then scan them just to let them know i am there ) The most common way of infection would be threw some sort of file sharing program, an email attachment and things downloaded off of websites.
You really wouldnt know someone has infected you with a Sub7 unless you have some sort of Virus protection...but even with that i think with Sub7 there is a way to disable the virus scan or make it undetectible.
Sub7 is a really easy to use trojan that cuts out alot of the work that would have to be done by other trojans.. For example with netbus trojan after you are infected the person who infected you would have to scan IP ranges of your ISP looking for an open port on 1234567 for example
The only advise i can give you is watch what you download, keep your virus definitions up to date and watch what is trying to access the internet threw your firewall reports ...oh and if you do a search on google.com for Trojan Ports you can come up with a pretty good list of what ports to have manually blocked on your firewall
