It's not a bad idea if a truly malicious virus has in fact infested your system. If you're looking for an excuse to upgrade the HD this could be it - just put in the new drive, install your OS (I'd recommend an NT based one, certainly if you're doing real work on it), install AV protection, install your personal productivity software, get a NAT (LinkSys and many other sell really inexpensive ones) and put between you and the DSL box, then insert the old drive into the system as a second drive. With you booting from a clean and AV protected system partition it should be safe to access/scan etc. any data you need.

The 9x family (95/98/Me) of 'operating systems' - using the term quite loosely - is pretty easy to compromise, certainly if left exposed to the internet while opened for any sort of resource sharing. The NT based family (NT/2K/XP) has an actual security model that at least gives developers the tools to try and restrict unauthorized access.

In any case I'd prefer a real NAT/firewall over a personal firewall software as a first line of defense. I use both, but that's probably overkill.

EDIT - A firewall won't save you from the sort of attack where you are inadvertently pulling the infected file into your system, like accidentally clicking a link to an infected web page. This is where the OS patches (first line of defense) and good, up to date (this is critical) AV software helps as your last line of defense.

[This message has been edited by charlie (edited January 23, 2003).]