I totally agree
Running the software firewall with all services closed will give you pretty good protection (all your posts will be stealthed - you can check this at www.grc.com
- use the ShieldsUp tool)
Then disable all services such as ssh, ftpd, httpd etc that you're not running and as said above, keep your system up to date.
Don't forget the importance of good strong passwords - mix lower and uppercase alphanumerics and symbols.
A simple NAT router will give you a further level of hardware protection and a modern one with an spi (stateful packet inspection) firewall is better still. The consumer models are not that expensive - I recently bought a netgear DG834 ADSL modem/router with 4-port switch and SPI firewall built in for £62.00.
Either way, you'll be a lot better protected than those poor souls running a MS OS
Hope that helps,