LOL!! That's a brilliant post, tolly2! :-)
I don’t know of a suitable web site, but I'll have a go at the principles; others with a D-Link 524 router will need to help out with precise, step-by-step instructions of how to implement.
Wired; external threats
A PC with Broadband connection is accessible directly from the internet, so anyone or a computer program could get access to it.
A software firewall program, such as Windows XP’s firewall, or better products such as Zone Alarm (free), Norton, MacFee, etc, would “cloak” your PC such that it would not respond to these externals and appear as if your PC does not exist (stealth mode).
But your PC is still there and external programs trying repeatedly and sequentially through the number combinations in an IP address, could still be vulnerable to unauthorised access.
Most routers add another level of defence (NAT) or a hardware firewall, between your ISP’s & hence the internet Wide Area Network (WAN).
This is done by having a completely separate and your own network’s set of IP addresses (LAN – Local Area Network), which can not be easily accessed by anything via your cabled connections.
Wireless; external threats
Well that all sounds great, doesn’t it.
Until wireless networks’ broadcasts opens it all up again for anyone within reception range of your router, laptop and other wireless devices, to connect via the wireless part of your local network, identified like a radio station’s name by your router’s SSID.
Setting up MAC address filtering enables ONLY your physical devices to be allowed to connect to your wireless network.
Data encryption (WPA/WEP) codes all data transmitted (wirelessly & wired) on your LAN using your passphrase and can only be decoded using the same passphrase.
Stopping the broadcast of SSID makes it a lot more difficult for someone/thing to “tune” in to your wireless network.
Stopping the automatic response of your router to “reply” to an external “Ping” probe signal (bit like sonar), cloaks its existence further.
Hope that is a helpful start?