You have a couple of options for a somewhat more sensible setup
- if your router is decent, it should support MAC->DHCP mappings - which means that you can basically give some
client PCs static IPs, even though they get the address via DHCP. This is really wonderful for managing computers, especially if you have more than a handful but still need to be able to connect to them directly (remote desktop connections through a VPN to machines in another city, for instance).
If it doesn't, no sweat - it sounds like your setup only really needs your
machine to have a static IP. So, keep the rest of the machines on DHCP, and give yourself a static IP outside the DHCP pool range. Yeah, you'll need to change your port mappings once, but from then on you'll be running the same static IP on your client machine.
Once you've done this and disabled DMZ, only forwarding the ports you need, theoretically
you don't need Windows Firewall. But it's almost free in terms of resource consumption, and it offers an additional level of protection should a machine on your LAN get infected (not very likely to happen if you live by yourself, but if you've got family or a significant other who aren't tech wizards, well...
) - I don't really believe in personal firewall outbound protection, as I've stated in multiple other threads, so Windows Firewall should be just fine.
Nice that you're running NoScript and AdBlockPlus, that definitely helps with security (although you can easily whitelist too much, and if a whitelisted server is hacked it can still be brought to serve malware - nothing is perfect). I'd suggest additionally using DropMyRights or similar with FireFox (and any internet-facing apps) since you're probably running a user account with administrative privileges. That gives an extra level of protection without too much fuzz.
With a setup like this + responsible internet browsing, you should have a pretty good chance at not getting infected, and it's certainly better than being wide open and and depending on an antivirus program to never be outdated and accidentally let something slip through
. Heck, I don't even run Antivirus at all, but that's probably hubris on my part. I just haven't found one that I liked (or rather, I don't feel like shelling out for the one I like, namely Kaspersky).
Btw, after having Vista on my laptop for, what, around 10 days? I don't really get why people bitch and moan so much at UAC. It does provide a substantial amount of security (and if exploits are found, they should get patched) and imho it's not so intrusive once you've got your initial machine config+setup done. I do tend to mess around more on my workstation than my laptop though, so perhaps I'd be more annoyed on the workstation