IRC is a free for all anonymous medium, thats the beauty of it. However it potentially damaging if you the user divulge certain bits of information. Security is often mistaken for the implemention of a firewall, when in reality its a complete end to end process, of which the technical aspects are a small part. Without a policy i.e. what you hope to achieve, technical stuff like firewalls will not protect you from harm. The general rule is trust nothing, and deny everything but what you need to do your job, play your game etc.
Always use a strong password, one that contains letters, numbers and means something to you so you can remember it. Examples 5t4rwars99, t4nger1n3, 1luv2hax0r etc. The reason being is if you pick a dictionary word like 'apple' a brute force password cracker could just try every permutation in the dictionary and crack your password. I am not just talking about Q/L accounts either, its everything. Once your Q/L password is cracked, it is a fairly good assumption that your computer, email, internet access etc all have the same username and password as IRC.
IRC by default gives away certain bits of information that could be used against you. Your ip/dns and possibly your real name. Dns names could be tied to an area, together with your real name, the area in which you live, you could actually determine someones exact address and phone no. Be careful who you give this information to, the person may not be who they say they are. There has been cases of QuakeNet users getting random abuse phone calls because of information that has been gained via IRC. Note: we will be implementing a form of ip/dns encryption in the new version of our ircd currently being tested.
(at this point someone like CNN would campaign to get IRC banned as being evil and dangerous, but its just a fucking protocol, how ppl use it whether it be safely or to cause harm is upto the user)
Use a firewall/virus checker. There is good free software to do this, like the zonealarm firewall and avg virus checker. Use them and make sure they are kept uptodate. This will greatly limit any potential network based attack on you.