Originally Posted by Sephiroth
BTW, it's not insecure if you have a firewall running in the attached PC.
Ask AndyCalling to explain his somewhat blanket view.
Theoretically no, if you know what you are doing and set your firewalls on every device accordingly, continiously aware of how it's set up and of every change you make. I would never recommend your approach though. If someone is going to conciously use that approach then they don't need me to tell them whether they should or not. They already know exactly what they're doing and feel very comfortable with their security. If you're comfortable with it then fine, you obviously know all your holes and have the locks all manually controlled.
For most, using a NAT is a no-brainer. It is the only responsible recommendation.
---------- Post added at 23:42 ---------- Previous post was at 23:31 ----------
Originally Posted by Superblade7
Andy, didn't realise it was insecure connecting the pc directly to the SH in modem mode so thanks for the advice. I've been in touch with VM and they've said it's a faulty SH so another on the way. Once I've got the new one, I'll stick with router mode and disable the SSID broadcast and set up an access list so this should be more secure.
Almost. But not quite.
1) Get new Shub.
2) Run in router mode.
3) In the Shub 'Advanced' wireless settings, uncheck the 'Enable Super Hub Wireless Radio' check box.
4) For good measure, under the 'Services' settings menu on the Shub, untick 'Firewall Features', 'Port Scan Detection' and 'IP Flood Detection'. These do no good and will only cause you grief.
Turning off SSID does nothing except make your life harder. Any hacker will have no trouble with that. Same goes for an access list. Don't bother with them. If you want to turn wireless back on in the future, just choose WPA2-PSK[AES] as your encryption method and follow this link to generate your key:
Anyone who can get through that will have no trouble with your other methods, and anyone phased by your other methods won't stand a chance against AES with a full length pass key.