To parrot Mike's reply....
<font color=red>Firewall: </font color=red>
ABSOLUTELY. Without getting into the minutia, there are 2 ways to go here - a FW which is loaded on your PC or one that is in a separate piece of hardware (e.g. a router). Both have advantages & disadvantages, so using both in conjunction with one another is the best.
Small routers for home use (choose your brand: SMC, Linksys, Netgear, etc...) are pretty cheap now days and offer a good "front line" to defend against attacks. (AT&T does block some ports on their network for you, but don't count on this to save you!) Sure, $100 isn’t “free”, but how much is keeping your information secret worth to you? (e.g. financial info, personal documents, family pictures, etc.)
Obvious things like personal information on your PC (such as tax info, money manager stuff, etc.), is at a very high risk without something to block intruders, however, that isn't the only problem. If you ever order anything on-line or fill out information on a web page (passwords, personal info, etc.), it can be "observed" too through the use of some <A target="_blank" HREF=http://security.tao.ca/keylog.shtml>malicious programs that track they keystrokes</A> you make (think of it like a recorder.) (Don't count on SSL to "save" you from these programs!!!) This is where your anti-virus software comes in to play to keep those programs off your PC.
To make things short, my vote is for NAV as well - it covers a wide spectrum malicious programs (Trojans, viruses, etc.) With the auto update feature & your cable modem, it can always remain up to date with little to no intervention from you.
As far as the free firewall software, ZoneAlarm is considered one of the best, however, be aware that there are
It may work just fine with your setup (and free is nice), but regardless of what <A target="_blank" HREF=http://www.cnet.com/software/search/1,11066,0-352108-1202-0,00.html?pn=3&ob=1&qt=&qn=&F2=0&F3=0&sm=1&rs.x=21&rs.y=4>CNET says, there are other products out there that I believe are better.
<font color=red>Other Best Practices: </font color=red> Some Motorola cable modems allows you to disable the ethernet connection to your PC by the press of a button on the front of it. This is nice because it puts a “hard break” between your computer and the Internet when you aren’t using it while letting your modem stay connected to the network. Other than getting a modem that has this feature, I’d recommend you disable your Wake On LAN feature (assuming you have it) in your BIOS and keep your PC off (or otherwise disconnected from your modem) when not using it. If you have your home PCs networked, disable (or at least password protect) the various sharing services (disk, printer, etc.) Again, AT&T usually blocks these ports for you already, but not every provider out there does. Of course, this is addition to using the firewalls (HW & SW) and anti-virus software mentioned above.
Here's a few other links you might find helpful or interesting. Hope this helps...
http://hardware.search.com/search?curl=1,0,0-1016-0&tag=srch&qt=firewall&cn=&ca=1016
http://www.pricegrabber.com/home_comp.php/ut=0cef7e8f5b58e3ee
