Just another agreement -- I block UDP (you might as well -- if any software you use suddenly stops working, you can turn it back on...) and enable stealth mode.
The way I understand it, stealth mode basically causes the computer to behave non-responsively on ports that are blocked, rather than rejecting the request. The reason this is done is that rejecting traffic is a "tell" to the potential hacker, in the sense that it allows the hacker to determine information about your computer / network. I'm not super clear on this. But I think an example would be that if you have a router that forwards certain ports to computers, and blocks others, traffic rejections can be used to determine which ports get past the router and which do not.
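Added example, not part of the original post: a small Python check for a machine you administer that shows the difference the post describes between a port that rejects a connection and one that stays silent. The function names and the two-second timeout are assumptions chosen for illustration.

```python
import socket


def classify_tcp_port(host, port, timeout=2.0):
    """Classify how one TCP port on a host you administer answers a connect.

    'open'     - something accepted the connection
    'rejected' - the host actively refused (TCP RST): the "tell"
    'silent'   - nothing came back before the timeout, which is what a
                 blocked port looks like with stealth mode enabled
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "rejected"
    except socket.timeout:
        return "silent"
    finally:
        s.close()


def loopback_demo():
    """Constructed offline demo: one listening and one non-listening port."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    # Bound but never listening: the kernel refuses connections to it,
    # and holding the socket keeps the port from being reused meanwhile.
    closed = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    closed.bind(("127.0.0.1", 0))
    try:
        return {
            "listening": classify_tcp_port("127.0.0.1", listener.getsockname()[1]),
            "not_listening": classify_tcp_port("127.0.0.1", closed.getsockname()[1]),
        }
    finally:
        listener.close()
        closed.close()


if __name__ == "__main__":
    print(loopback_demo())
```

The loopback demo can only show "open" and "rejected"; to confirm stealth mode, run `classify_tcp_port` from a second machine on your own network against a blocked port and expect "silent".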