NAT - No Firewall Needed?

[seek12]

I have a SMC router which NATs my WAN IP to internal class C's for my home network. When ever I do an online scan, it can only see my router IP.

For a personal network like this..is there any point to having a firewall to block incoming traffic?

I also do not run any internet servers or ftp services etc.

Thanks

Seek

 

[pmf71]

You Always need a firewall, even with NAT. In the case of NAT, the firewall consists mostly of SPI (Stateful packet inspection), That means every incoming packet is checked for authenticity, in other words: Is the packet actually a reply to a request sent from one of your internal PC's. If SPI is not present, a hacker could actually gain access to your internal network(Don't ask me how, i am not a hacker). But most NAT routers do have some sort of packet inspection, so you're reasonably safe from most amateur hackers, And these days most of them have primitive DOS protection. But there are 100's of hacking methods, and to be safe from all of them would cost you at least $1000-1500 for an advanced router/firewall.
And to be more specific, the function of a firewall is not just to protect from outside, but also to protect from inside (for example, preventing an infected pc from sending mass e-mails).