> 1. You don't want it to be serving media. > > 2. If you really want USB see #1. > Meh. I think most of these guys are used to securing datacenters, where having dedicated machines for each purpose is standard security practice. If your just setting up your home network, and the media you are serving it the typical stuff like mp3s, etc, I wouldn't have any concern at all about serving media from the same box that you are using as your firewall. It's certainly not worth the electric bill to run to PCs 24x7 when one will do just fine. If they can compromise your firewall, I can't see how it matters if the media is being served by the firewall, or by a machine behind the firewall - they could reach the media either way. However, many of these dedicated boxes do look fun, and they don't use as much power as a second full system. Personally, I use a Linksys WRT54GL - http://www.newegg.com/Product/Product.aspx?Item=N82E16833124190 - and I run tomato - http://www.polarcloud.com/tomato - on it. It's awesome. Tomato also supports many other wireless routers - some of which have USB connections that you can attach storage to - and serve the media directly from the wireless router.