bnt

The way those kinds of programs work, they require the client PC to open up a connection first. Only then is there an open NAT port through which data can enter. Assuming the NAT itself isn't broken and ports aren't being forwarded, an external computer can not open a port: it has to be invited in. That's also how multi-player games can be made to work through NAT, by the client connecting to a central server, thus opening a connection through which game data can be transferred. That's not a back door, it's a front door.

Of course rogue programs can do this from the PC, but when that happens, a firewall isn't guaranteed to help, either. I never said NAT was a total security solution, but if you run a good up-to-date virus checker, and surf responsibly (using Firefox with NoScript), you can be pretty confident IMHO.