little nerds need their routers kicked up between their ears!

I have no issues with performance and McAfee. It's on every device in the house.

This is definitely the way to go. I did the same, purchase my own cable modem and wireless router. Changed the passwords from default to custom and feel pretty secure. Any anti-virus is going to be a performance hit. I have yet to see one not affect performance.

redskeet, most hackers are remote. That means they don't get into your system on your local Wifi at you home. They come in via the ISP connection to your equipment, and they do not need the admin password to your modem or router. Only the local neighborhood kid hacker tries to get in that way. Even then, once again, he doesn't have to log into your router's admin page, which is where all of you seem to be focusing. The local kid wants to get onto your Wifi, so he will need the SSID and the key phrase. Those are readily changed on any equipment. There is nothing magical about you buying something that did not come from the ISP. What matters is what security measures you enable, and in some cases, how you set them up.

When a hacker has drilled into your home's local network, if you were logged into your router, and looking at the active list of connected devices, you will not see any device you don't expect to be there. That's not how they get in (unless it's a neighborhood geek who has employed sniffers to figure out your SSID and pass-phrase), and yes, that can be done too, especially with ample time. If you want to stop local access hackers like the neighbor kid, it helps to set up a mac address filter. Only devices you put on the list as identified by their mac address will not be rejected. That's a bit more work to set up, but one of the strongest security measures you can take to prevent local access. There might be a few potential bad guys within range, but usually not many, if any. Geographical security minimizes that exposure for you.

If you buy a router, but leave it vulnerable in configuration, that's where the keys are left in the lock. The admin login or Wifi security, though important, are not the defining difference for remote hackers, who can be anywhere in the world. Unless you have some fairly deep understanding of the security mechanisms offered by a router, you probably haven't done anything that makes a difference you couldn't have made on the other equipment. If you do know, and you buy a higher end router, then yes, you can make quite a difference. Did you turn on NAT? Did you enable any smart DoS feature? Did you set up IPv6?

MAC filtering isn't a helpful security feature against someone using a sniffer. The MAC address is in the outer encapsulation layer of the packet, and there is no encryption applied to that level. Grabbing a MAC address is trivial and standard wardriving tools will display them.

All MAC filtering does is keep devices from connecting automatically if for some reason you don't want them to, or to keep the clients from communicating with each other (forcing them to only communicate with the gateway).

All this technical talk makes my network pants go crazy!

couldn't have said it better

^^^^^^^^^^^

Please, please post this dudes ip addy.