As long as you connect through a NAT router you're pretty safe whatever the state of a software firewall (at least to external attacks - if you use a shared internet connection you are still vulnerable to other clients behind the router). Software firewalls were only really useful when everyone used dial up connections and your computer effectively was the router.
Also, in spite of scare stories from sites such as grc.com, it's simply not true to say that any open ports mean you are exposing yourself to anyone who wants to having a look around: if that were the case then there would be no servers on the internet! As long as you're sensible about passwords, all you are risking is the exploit of any security holes in services you may be exposing
I've never run the software firewall in OSX (or windows for that matter) and sit behind a wireless NAT router with a tunnel through for ssh so I can connect to my mac over the internet. With ssh configured properly I feel pretty secure in doing that.
Also, in spite of scare stories from sites such as grc.com, it's simply not true to say that any open ports mean you are exposing yourself to anyone who wants to having a look around: if that were the case then there would be no servers on the internet! As long as you're sensible about passwords, all you are risking is the exploit of any security holes in services you may be exposing
I've never run the software firewall in OSX (or windows for that matter) and sit behind a wireless NAT router with a tunnel through for ssh so I can connect to my mac over the internet. With ssh configured properly I feel pretty secure in doing that.