Having a constant connection to the Internet while not running any security program is very risky. A common comparison is like leaving the keys in your car with the engine running and the doors unlocked while you run into the store. You may only be gone for a few moments and many times no one will notice. But, if you do this every day, it won't take long before your car is gone!
Hackers have software that combs the Internet for open (computer) doors. While some are simple nuisances that may play simple pranks, others are created with malicious intent. These more severe strains may attempt to delete information from your computer, crash it, or more commonly, steal personal information, such as passwords or credit card numbers. Some hackers enjoy nothing better than breaking into vulnerable computers. A firewall can help protect your computer against these and other security attacks.
If you have a dialup connection, then the XP firewall is probably good enough. Dialup connections are not easily attacked due to the online inconsistencies and the fact that the IP address is changed with each connection. Those connections that are full time, such as DSL or Cable are much more likely to be targeted. You should have a more reliable firewall, up-to-date and functioning at all times. I use, and recommend ZoneAlarm. But, there are many others to choose from, such as: BlackIce, eTrust, Fireball, Freedom/Hacker Stopper, F-Secure, Kerio, Look'n'Stop, McAfee, Norton, Outpost, Panda, PC-cillin, Preventon, PrivateFirewall, Sygate, Terminet, Tiny & Trustix.
Note: Though XP's firewall is better than no firewall at all and compatible with any others you may use, XP's firewall monitors incoming connections only. Should Back Orifice, NetBus, or any other backdoor program find its way onto your PC, XP's firewall will do nothing to stop it from granting remote access to your system.