I have a home network consisting of 5 boxes: 3 hardwired & 2 wireless. There is another box wired / connected to the router for internet, not accessing the network.

Here's the question: If the box connected to the router (not connected to the network) gets infected, how likely / possible is it that the virus can spread to the networked boxes. All the machines are fully protected: FW, AV, HIPS, so the question is not "will they get infected" but rather how likely is it that the virus can jump through the router?

...screamer

Edit: Virus = Malware

Well, I'm not sure about your network setup, but if that machine is in the DMZ, it should be completely separated from your LAN.

It's not in the DMZ, it's on the LAN side of the router. I've never been able to see this box in Networked Computers.

If you've got any suggestions how to isolate it, I'd like to hear them

...screamer

The best way to block unsolicited connections from this PC to your LAN hosts would be putting its IP in the blocked addresses of the hosts' firewalls. This way, the hosts' firewalls should drop all the packets from that PC.
Perhaps some network expert may give you a better advice :)

It's been a coupla years since I did this, and to the best of my recollection, this is what I did. It's outside on the porch, waiting for the trash to be picked up so I can't check the settings I applied.

I set up this PCs FW to Block TCP / UDP, inbound/outbound to everything but 192.168.0.1 (router)

The reason for this question is that I'm going to be replacing the "lone computer" and want to be sure it's isolated. Dual routers was suggested, but I'm afraid that that solution would slow down my Internet / wireless speeds.

...screamer

edit: At first I had your solution, but since the IPs are Dynamically assigned it was a no win situation. I guess I could assign this PC a Static IP and then implement your solution.