Protection within wireless network

Hiding SSID and disabling UPnP should be moved to paranoid as it is completely unnecessary, the latter just disables functionality at no real gain, you will want UPnP on when it comes to torrents, and the former is an irritant if you ever have guests with laptops/pdas/ipods/wii's/ps3's/etc.

Really, you don't need a firewall at all. You have a home wireless router which I'm guessing has a hardware firewall at which point you don't need to use them on your machines, if you do I suggest something lightweight like Windows/ESET.

As for encryption, as mentioned above, you NEED WPA2(-PSK) with a strong key, no less.

 

WPA is the most important thing to implement for wireless security, to prevent untrusted outsiders from gaining access to your network.

The problems many times come from other trusted machines inside. For example, if my wife get infected with something on her laptop and her laptop now looks to other machines on the network to infect.(This happens a lot) I like the idea of using the vlan function in some wireless routers. For example the linksys wrt54g calls it "AP Isolation". Which blocks all the wireless clients from communicating with each other. This works great as long as your not sharing files between wireless devices, etc. Although the firewall on client (software firewall) would do the same thing if configured properly, this "AP isolation takes misconfiguration out of the equation.