seekermeister, as said earlier... there is no "absolute" security in computer network. Well... there is, disconnect the computer, then turn it off... Anyways...
If you are paranoid about your wifi network connection, I have several suggestions:
1. Don't use DHCP, disable it, use manual static IP addressing. Use weird IP addresses, there's a lot of private IP subnets that you can use that doesn't start with 192, or 10, or 172... And use classless subnet mask (anything other than 8/16/24 bits).
2. Use obscure wifi standards, preferably 802.11a, though slow, it will most of the time "save" you. The analogy is this, if the thief can't see the house, he can't break into it... If you need speed, then all you can do is use g/n plus WPA2 encryption (preferably AES). Stay away from MAC address access control, if the "hacker" knows how to break into your wifi AP, spoofing a MAC address is child play.
3. If you're comfy, use pre-shared key. This is the "key" so that you can login to your wifi AP. If you're paranoid, use 32 random characters or more as a key, don't forget to use special characters (like *,(,),-,_,+,=, etc). If you're don't feel comfy with it, use RADIUS server to store the key(s) (but you'd need somewhat better access point for this kind of security). By using RADIUS, you can make many keys, and rotate those keys (this depends on the RADIUS server).
4. If you're REALLY paranoid, then put your wifi network on the outside of your LAN, then use router to connect the two, then put a traffic filter between the two. By this I mean once you're connected, you can't just put IP address then all is well, you need to configure gateway(s), custom DNS servers, etc. Much harder to break into.
5. If you are BEYOND PARANOID, put the wifi network outside LAN, and isolate it, put a VPN server in there. So if you want to connect to your LAN, you need to authenticate at least twice (first will be the wifi connection, then set static IP address, then authenticate to the VPN server) and put traffic filtering plus SNORT server, make it to automatically shutdown the network interface if it detects ANY SUSPICIOUS activity. If you're beyond all this, stack the VPN server configuration as I mentioned earlier several layers... that ought to drive the hacker away simply because it's too tedious to break into...
zzz2496