Okay, this is where "Security by Obscurity" comes into play - if your firewall is ping able or not really makes no difference to the end result. Hidden or not you have to be track-able to some extent (without talking proxies).
Yeah, everything I've read says that hiding SSID is useless. I have done it only to keep casual users from trying to connect, but that probably just ensures that the only attempts will be malicious or non-casual. The router wifi is secured anyway with a strong password in WPA2 and also the administrator name and password are unique and remote administration is disabled. There's really no need for remote administration for most people, anyway, is there?
The key remains LAN access, doesn't it. How does one log onto the LAN, users and user levels, passwords, etc? If it is easy to log onto the LAN locally, then once the wifi connection and strong password are known, logging onto the LAN will also be easy, won't it?