Personal Firewall

Everyone should be using a personal firewall. A Windows machine connected to the Internet without a firewall can be hijacked in just a few minutes; Mac OS and Linux machines can also be hijacked.

When you browse the web or read your email, you are connecting to another computer on the Internet. Computers use different network ports to access different services, and a firewall selectively opens these ports to allow access to those services.

Different firewalls have different default settings. The simplest setting is to deny all incoming traffic but allow all outgoing traffic. This means that if a machine on the Internet tries to connect to your computer it will be blocked, but you will still be able to connect to other machines to browse the web, etc.

There may be a few services running on your computer that you want to make available to others; these can be enabled on a case-by-case basis. For example, to allow others to secure FTP to your computer, you need to allow access for those machines on TCP port 22.

The firewall software may describe each port by the service it provides, but if you need to know which port numbers correspond to which services, you can view a list on the Internet Assigned Numbers Authority (IANA) web site.

Windows XP

Windows XP has its own built-in firewall. The default setup should be secure enough for most users. If you use an older, unsupported version of Windows, you can buy personal firewall software from suppliers such as McAfee, eTrust, Norton or Zone Labs.

Mac OS X

Mac OS X has its own built-in firewall (ipfw), which is off by default, so the first thing you should do is turn it on by opening the Sharing System Preference.

Apple menu -> System Preferences -> Sharing -> Firewall -> Start

Initially no inbound ports are open. However, if you enable one of the services in the Sharing System Preference, the appropriate ports in the firewall are automatically opened to allow the service to function.

Additional features (blocking of UDP traffic, firewall logging and stealth mode) can be enabled by clicking the Advanced button.

Linux

All firewalls in Linux are based on iptables, a set of network traffic filters built into the kernel. You can change iptables rules from the command line or use a graphical configuration tool. See here for more detailed instructions.
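
The simple policy described earlier (deny all incoming traffic, allow all outgoing traffic, open TCP port 22 only to named machines), written as iptables rules. This is an added example, not part of the original page: the function name gen_rules and the peer addresses (taken from the documentation ranges) are assumptions, and the script only prints a ruleset in iptables-restore format without changing the running firewall.

```shell
#!/bin/sh
# Added example. Prints an iptables-restore ruleset; it does not touch
# the live firewall. gen_rules is a hypothetical helper name.

# Arguments: the IPv4 addresses or CIDR blocks allowed to reach TCP port 22.
gen_rules() {
    # Validate every peer before printing anything, so a bad argument
    # never leaves a half-written ruleset behind.
    for peer in "$@"; do
        case "$peer" in
            # Only digits, dots and a slash are accepted.
            ''|*[!0-9./]*) echo "bad peer: $peer" >&2; return 1 ;;
            # A /0 block or 0.0.0.0 would open the port to everyone.
            0.0.0.0*|*/0) echo "refusing allow-all peer: $peer" >&2; return 1 ;;
        esac
    done

    echo '*filter'
    # Default policies: drop inbound and forwarded traffic, allow outbound.
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # Loopback traffic never leaves the machine.
    echo '-A INPUT -i lo -j ACCEPT'
    # Replies to connections this machine opened (web, email and so on).
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # The case-by-case exception: new connections to port 22 from named peers.
    for peer in "$@"; do
        echo "-A INPUT -p tcp -s $peer --dport 22 -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo 'COMMIT'
}

# Constructed sample peers (RFC 5737 documentation addresses).
gen_rules 198.51.100.7 203.0.113.0/28
```

As root, pipe the output to `iptables-restore --test` to have the ruleset parsed without being committed, then to `iptables-restore` to load it.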