What good will it do them for surfin the net if they can get in, but not get an IP?
If I'm sniffing your traffic to crack your WEP key, then I can capture traffic from your network to learn your IP scheme. Things like MAC-based filtering, disabling SSID broadcast, and using static IPs may have been somewhat effective in 1999/2000, but if you're relying on any of those options now you've got big problems.
Enterprise Network Engineer :: Hosting Hobbyist :: Master of Procrastination
"The really cool thing about facts is they remain true regardless of who states them."
1. change the default password on your router. make it complex if you can, at least 6 characters, upper and lower case, and ascii characters if you can.
2. change the default SSID or wireless network name to something complex, following same guideline as step 1.
3. disable SSID broadcast.
4. enable WPA or WPA2 encryption. Use either an AES or TKIP key. you can generate a key using this tool.
5. enable mac address authentication. allow only your wireless devices access to your wireless network.
6. disable dhcp if you want, or change it to a non-default ip scheme (like 172.16.1.x or whatever).
7. change the ip address of the router.
8. apply the latest firmware patch/update to the router. this is an important one.
the manual that came with your router should have all the specific instructions on how to change these settings.