NAT is not, and was never designed to be a firewall. The design goal of NAT is to allow large corporations that already use RFC 1597 private network addresses to easily migrate to connect to the Internet. Many broadband, and even frame-relay ISPs impose it on their customers to save IP addresses, as the only public IP address a customer needs is for the router, not every host behind it. So happens it hides the internal host addresses, the NAT host can be vulnerable, if access is obtained to the NAT host, an intruder can launch attacks from it. A real firewall can use NAT but it has policy rules on all interfaces, so inbound and outbound traffic can be examined against the rules, and rules need to be applied between the WAN and LAN interface, between WAN and DMZ, between DMZ and LAN.
Linksys's implementation of DMZ isn't right, it opens up all ports to the internal host designated as such, no rules and free access. It has a rudimentary packet filter, the least effective of all firewalls. If you want a secure and versatile firewall, make sure it is of the stateful inspection variety.
Scratch you need to make sure in Network properties all of your machines are of the same workgroup so you can "see" them in Network Neighborhood. You don't need NetBEUI, you can just find computer by its IP address, even if they belong to different workgroups.