Originally Posted by donheff
The biggest threats result from return traffic based on your browsing habits. Those attacks are harder to block.
Right. NAT makes it almost impossible for an outside attacker to initiate the session, at least with HTTP (assuming you are doing no port forwarding). But if you point your browser at the wrong site you can be gotten. I think that is where a good AV program is useful.