The other answers are basically correct, but I thought I'd expand on the topic. Hopefully this information will be useful.
As long as you have your router in a standard configuration, it should block unsolicited incoming network connection attempts, essentially acting as a blunt firewall.
Port Forwarding
Settings which increase your exposure surface would be forwarding any ports into your local area network (the devices connected to your router).
Be aware that some services on your network might open ports via UPnP (universal plug and play), so if you want to be certain that no-one is snooping inside your network, consider disabling UPnP in your router's settings. Be aware that will prevent anyone connecting to a service on your network, such as hosting a video game.
Wi-Fi
If your router has wi-fi, consider that someone can potentially connect to it. Someone who connects to your wi-fi service is essentially on your local network and can see everything.
So, if you use wi-fi, make sure you use the maximum security settings. At a minimum, set the network type to WPA2-AES, disable legacy support, set keys to reset a minimum of once per 24 hours and choose a complex wi-fi password.
Protocol Sniffing and VPNs
As your landlord sits between you and the public internet, he could potentially look at all traffic going into and out of your router. This is relatively easy to do and there are freely available network diagnostic tools to do this with.
Encrypted traffic between your browser and a website is generally safe as far as the content goes, however your landlord would be able to see what websites you visit (though not necessarily the specific pages).
However, consider that many web pages are not encrypted, and then there are all your mobile apps, email and other online activity which is potentially sent in the clear.
If you want ALL your traffic to be encrypted then you need to use an encrypted virtual private network (VPN). A VPN connects your network to the network of a VPN operator (usually a commercial enterprise), using encrypted protocol tunneling.
Ideally, the VPN would encrypt using AES encryption and the connection would be established at the router level so that all WAN traffic (to the internet) is encrypted and routed via the VPN.
If the router doesn't support VPN, then you'll need to set it up on each and every device (computer, phone, tablet, console, etc) who's traffic you want to secure.
Encryption
As a general security principle, I advocate strongly encrypting all traffic. If everything is strongly encrypted, anyone snooping on you will not know where to begin. But if you only encrypt "important stuff", then they will know exactly where to attack.