I can tell everyone a story about this situation as follows.
NTL put cable modem into our area about 3 years ago. I immediately signed up. Cable modem was duly installed. Then my problems began.....
My W2K server randomly restarted. I'm not talking here about a graceful Windows shutdown and restart - it was just as though someone had hit the reset button or power cycled the PC - from Windows to hard reboot instantaneously. Now you see it, now you don't.....I was watching the server console when this happened so I know exactly what it looked like - one minute you have a friendly Windows interface looking at you, and an instant later the bios is running its self tests.
I purchased two high quality software firewalls (well I thought they were high quality anyway!). Wingate and Conseal. Tried both, did not cure the problem, still got random restarts on the server - which was configured to act as a gateway for the other PCs on the network (two NIC cards). Tried both firewalls together - no dice.
I lost my C: drive as a direct result of this - one time it would not restart, I presume the disk had been scrambled. Fortunately I had done a full backup with Norton Ghost the evening before so it didn't compromise me for more than half an hour (see other thread about backups).
Raised the issue on a technical forum which I had access to. One knowledgeable chap who knows about these things asked for my IP address and we agreed a time - 10pm one evening. At that time he configured his system to attack my IP address (purely in the interests of investigation - it's his day job and he doesn't do this to suckers who aren't expecting it). Sure enough, within 30 seconds of the attack starting (I was watching the cable modem lights buzzing) my server bombed, so guilty party found - it was the cable modem connection allowing some nasties to come in.
Another expert advised that I should buy a Netgear FR314, which is a firewall router. I believe this runs Linux and one of the better known firewalls. From the day it arrived I never again saw a phantom restart, and the FR314's log files show multiple attacks taking place every single day.
For anyone on ADSL Netgear (and other companies) offer a similar device to the FR314 - the latter is for cable modem only.
The main problem with a software firewall installed on a PC (and the reason these didn't work for me) is that before the software firewall has a chance to monitor and intercept the traffic, that traffic has to come into the PC NIC card. And if the attack is designed to attack the NIC then the firewall just won't stop the attack. Cheaper NICs (which I have) aren't very robust to attacks which take place.
Much better IMHO to have a hardware (or Linux box) firewall sitting on picket duty between the incoming connection and the PC network. That way the PC doesn't get to receive the bad guys - they are stopped at the entrance gate by the hardware firewall.
PoP