I hesitate to venture into this thread, but while Owen is correct in the general case ("NAT qua NAT provides no more security than a stateful firewall"), there is a corner case in which security is improved via NAT. The case is that of an enterprise network which uses 1918 addressing for all internal hosts, and uses proxies or other bastions as middleboxes to relay outbound communication.
The security provided is that in the event of an accidental bridging of "inside" and "outside" networks (i.e. engineer plugged a cable between the wrong two switches), the hosts will not be able to initiate communication with Internet hosts. Additionally, this same resiliency to accidental bridging does mean that the enterprise has a smaller number of possible Internet-facing machines, and thus can spend the time and effort to make them more robust. That benefit is not huge (and not relevant to the typical home user, who is not configuring a super-duper scanning proxy server), but it does exist, and it certainly fuels some of the pro-NAT feeling I've encountered among customers. David Barak Need Geek Rock? Try The Franchise: http://www.listentothefranchise.com