Short answer:



A router is an intelligent device that allows a central connection to an internet connection. Basically connects a LAN to the internet. It also provides many internet like services from that single connection to the PC's connected to it.



A hub is a dumb networking device that only passes all traffic from one computer to all computers connected. It does not route the traffic in any way. It's for local area networks only.



There is also a switch which does a small amount of traffic control in a local area network. This helps make connections in the LAN faster with 3 or more computers.

A router splits an Internet connection between 2 or more computers.



A hub is a device to 2 or more computers to each other.



Most routers can do function of a hub also.

A switch. A switch allows multiple devices to connect and maintains the activity for each device. The typical hub is actually a repeater hub, which (for simplicity in explanation) takes incoming information and distributes it to each of the devices connected to it. So each device gets the information, but only the one that requested it actually takes it. So a switch is the better choice for muliple devices like the 360 that generate a lot of network traffic at the same time.

A router is a more sophisticated network device than either a switch or a hub. Like hubs and switches, network routers are typically small, box-like pieces of equipment that multiple computers can connect to. Each features a number of "ports" the front or back that provide the connection points for these computers, a connection for electric power, and a number of LED lights to display device status. While routers, hubs and switches all share similiar physical appearance, routers differ substantially in their inner workings.



Traditional routers are designed to join multiple area networks (LANs and WANs).



On the Internet or on a large corporate network, for example, routers serve as intermediate destinations for network traffic. These routers receive TCP/IP packets, look inside each packet to identify the source and target IP addresses, then forward these packets as needed to ensure the data reaches its final destination.



Routers for home networks (often called broadband routers) also can join multiple networks. These routers are designed specifically to join the home (LAN) to the Internet (WAN) for the purpose of Internet connection sharing. In contrast, neither hubs nor switches are capable of joining multiple networks or sharing an Internet connection. A home network with only hubs and switches must designate one computer as the gateway to the Internet, and that device must possess two network adapters for sharing, one for the home LAN and one for the Internet WAN. With a router, all home computers connect to the router equally, and it performs the equivalent gateway functions.



Additionally, broadband routers contain several features beyond those of traditional routers. Broadband routers provide DHCP server and proxy support, for example. Most of these routers also offer integrated firewalls. Finally, wired Ethernet broadband routers typically incorporate a built-in Ethernet switch. These routers allow several hubs or switches to be connected to them, as a means to expand the local network to accomodate more Ethernet devices.



In home networking, hubs and switches technically exist only for wired networks. Wi-Fi wireless routers incorporate a built-in access point that is roughly equivalent to a wired switch.

In any computer network, "routing" is the process whereby data is transported from one location to another. The Internet is, in reality, nothing more than a whole bunch of smaller networks linked together. For example, my office network is one of those smaller (very small, in this case) networks. The linkage is created by attaching networks to each other by means of special purpose computer hardware designed to move data from one place to another. The general term for such hardware is "router."



Data flows on any network in chunks called packets. Think of a packet as an envelope, inside which has been placed a piece of paper with some data, E-mail for example. On the outside of the envelope are two addresses: one assigned to the machine sending the data (the source address) and the other assigned to the machine receiving the data (the destination address). These addresses are called IP addresses and are actually strange looking numbers (such as 207.241.40.41) that are designed to be easily understood by computers. On any given network, like the one in my office, each machine (computer, printer, etc.) will have a unique IP address, making it possible for any one machine to send data to any other.



A router examines the destination IP address of each packet that passes through, and using information stored in internal data structures called routing tables, determines where to send the packet. The most basic routing would be between two computers on the same network, such as what often occurs in the average office. Once a network gets larger than a single location like an office, some routing is required. On a large network, like the Internet, the path from the source machine to the destination may be very circuitous, and the first router in the path might have to hand off the packet to a second router, which might have to send it to yet another router, and so on, in order to get to the destination machine. In some cases, getting a packet from source to destination may involve passing through as many as 20 to 30 routers. Each router in the data path is referred to as a hop, since the packet's progress through the Internet resembles that of a rabbit or kangaroo bounding across the ground.



As a packet passes from router to router, information is altered in the packet to indicate how many hops have been taken. Once the packet has reached the destination machine, that machine will use the source machine's IP address to send back an acknowledgment that says that the packet arrived safe and sound. On the other hand, if a router cannot pass the packet onward or the destination machine cannot receive the packet (because, for example, the machine is not running) or too many hops have occurred (usually the result of a routing screwup of some sort) an error will be reported to the source machine. Incidentally, any resemblance between packet routing and the way the postal service handles the U.S. mail was purely intentional.



As complicated as this may all sound, it happens pretty fast. In most cases, a packet can make it from one end of the USA to the other in a fraction of a second. Even packets from international sources arrive in a matter of a few seconds on average.



With routing basics out of the way, let's talk about your specific situation. With your PC directly connected to the Internet as it is now, it has been assigned by your Internet service provider (ISP) a public, routable, and globally-unique IP address. Public means that the IP address is generally known on the Internet, just as your home phone number is generally known if it is published in a phone book. Routable means that you can send packets to anywhere in the world, and that any machine in the world can send packets to you. Globally unique means what it says: only your PC of all the computers attached to the Internet will have that particular IP address. My UNIX server's IP address, 207.241.40.41, is globally-unique and any machine in the world can contact it.



The problem with such an arrangement should be fairly obvious at this point: if any machine in the world can contact your PC via its globally-unique IP address then your PC can be infiltrated by virtually anyone anywhere in the world, potentially without you even knowing it. The design of Windows, unfortunately, makes infiltration relatively easy. Such infiltration often involves the surreptitious installation of spybots and adware, programs that can monitor what you are doing (e.g., what you are typing) or read your files. As a general rule, such software is designed to relay information back to the remote computer from which the spybot or adware was delivered.



Even worse, this type of infiltration can turn your PC into a robot and make it do things that can annoy the daylights out of other unsuspecting users. The most common type of this action is to turn your PC into an E-mail zombie, spewing out spam as fast as it can get data onto the Internet. My mail server stops this sort of stuff every day, and new sources keep turning up every day.



Infiltration can be hindered by using a router between your PC and the Internet. As I explained above, a router's function is to transmit packets from one place to another, using the destination IP address to determine where each packet should go. A router of the type you have performs this function but does so with a twist. The public IP address assigned by the ISP is given to your router, not to your PC. Your router will assign a private, non-routable IP address to your PC. This makes your PC invisible to the Internet, thus preventing other machines on the Internet from directly communicating with it. This happens because when your PC sends a packet out to the Internet, your router removes the packet's source IP address (that is, the IP address assigned to your PC), substitutes the router's public IP address and internally stores information about the changes that were made. When a reply comes back from the machine that you contacted, the process will be reversed. Since your PC's IP address is non-routable and is not actually the source IP address in the packet when it arrives at the remote machine, that machine cannot "talk" directly to your PC. Put another way, it's like looking through a one-way piece of glass: your PC can see the Internet but the Internet cannot see your PC.



In addition to this "firewall" service that the router provides, it will possible for you to connect several computers together into a small network, through which you can move files, share a printer, and share the Internet connection. The router would assign a private IP address to each machine to keep everything working smoothly.



It is important to understand that the protection provided by the router doesn't prevent malicious E-mail attachments or files from causing trouble. Nor will it protect your from lapses in common sense. The usual precautions about not opening mail attachments from strangers still apply. Also, you need to be cautious about Microsoft Office documents, which can harbor viruses that can be potentially fatal to your system.



Hope this explanation helps.