  #33  
Old 05-03-2007, 07:16 AM
Twinny
In more basic terms, NAT takes a local address (10.x.x.x, 172.16.x.x-172.31.x.x, 192.168.x.x) and turns it into an outside address (be it another local address or, more commonly, a global internet address) and sends the data. The outside world can only see the router. The great thing is: unless a session is established or port forwarding is enabled, the outside world can't access anything past it.

NAT/PAT also uses unique identifiers (or source ports for PAT) to identify what data gets sent where, so IP spoofing is impossible. The even greater thing is that you can overload an address: i.e. an entire 192.168.1.0 network could use 1 overloaded global address. If you have multiple global addresses in the pool, it will use the current address until no more source ports are available and move onto the next address.

If you have multiple computers using your broadband connection at the same time (either through a router/switch combo, a router to switch combo or, if you're unlucky, a router to hub connection) then chances are that your router supports NAT. If not, programs like Smoothwall (Linux glory and very powerful) or Microsoft ISA (a kick-ass high-end firewall, recommended if you know what you're doing) can also act as a NAT service.

Disadvantages: some services can be hampered by the presence of a NAT. E.g. FTP. FTP uses two concurrent connections (data and control port) to transmit data. NAT screws this up.

Last edited by Twinny; 05-03-2007 at 07:48 AM..
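The overload behaviour described in the post above, as an added Python sketch that is not part of the original post: a translation table that hands out source ports on the current global address, moves to the next pool address when they run out, and only delivers inbound traffic that matches a session or a port forward. The class name, the 203.0.113.x pool, the two-port range and the rule that a reply must come from the session's original destination are assumptions made for the demo.

```python
import ipaddress

LOCAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

class PatRouter:
    """Toy NAT overload (PAT) table; pool addresses and port range are constructed."""
    def __init__(self, pool, port_range=(1024, 65535)):
        self.pool = list(pool)   # global addresses, tried in order
        self.ports = port_range  # inclusive range of translated source ports
        self.out = {}            # (inside_ip, inside_port, dst) -> (global_ip, global_port)
        self.back = {}           # (global_ip, global_port) -> (inside_ip, inside_port, dst)
        self.forwards = {}       # static port forwards: (global_ip, port) -> (inside_ip, port)

    def _allocate(self):
        # Stay on the current pool address until its ports are used up, then move on.
        for g_ip in self.pool:
            for port in range(self.ports[0], self.ports[1] + 1):
                if (g_ip, port) not in self.back and (g_ip, port) not in self.forwards:
                    return g_ip, port
        raise RuntimeError("pool exhausted: no free source ports")

    def outbound(self, in_ip, in_port, dst):
        addr = ipaddress.ip_address(in_ip)
        if not any(addr in net for net in LOCAL):
            raise ValueError("inside address is not in a local range")
        key = (in_ip, in_port, dst)
        if key not in self.out:  # first packet of a session creates the mapping
            g = self._allocate()
            self.out[key], self.back[g] = g, key
        return self.out[key]

    def inbound(self, g_ip, g_port, remote):
        """Return the inside (ip, port) the packet is delivered to, or None if dropped."""
        if (g_ip, g_port) in self.forwards:
            return self.forwards[(g_ip, g_port)]
        session = self.back.get((g_ip, g_port))
        if session and session[2] == remote:  # assumption: reply must match the session peer
            return session[:2]
        return None

def demo():
    r = PatRouter(["203.0.113.1", "203.0.113.2"], port_range=(5000, 5001))
    web = ("198.51.100.7", 80)
    a = r.outbound("192.168.1.10", 40000, web)
    b = r.outbound("192.168.1.11", 40000, web)
    c = r.outbound("192.168.1.12", 40000, web)  # first address is full, pool moves on
    return a, b, c, r.inbound(*a, web), r.inbound(*a, ("198.51.100.99", 80))
```

Real devices differ in how strictly they match the remote endpoint on inbound packets, so the filtering rule here is one possible policy, not a description of any particular router.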