Security Policy for an independant musician...

Greetings Wilders forum,

After absorbing, and thinking about the suggestions, problems, and discussions that take place on this board I'm now ready to ask the board for help with my own security situation. I have come to understand that everyone's need for safety is unique. My hope is if I describe my situation well enough, perhaps some of you will have some thoughts that could help me to settle some of my fears, and get on with my business. Here it goes:

I am an independant musician, and I have dedicated my life to creating music that reflects my experiences, and point-of-view. My drive has been to respect my audience by offering them my presence as a person, along with entertainment, fantasy, comedy, spontaneity, all wrapped up within a sense of spirit that I hope is pleasureable. I have avoided the temptation of pursuing a more mainstream path via minor/major record labels because the corporate model of music has, in my opinion, become an ugly juggernaut that has little respect for people, or musicians, or fans, only the bottom line. It has killed personality, and sensitivity and replaced it with homogenous pith that I am certain the vast majority of people are tired of.

I apologize for taking a while to get to the point but I'm hoping to inspire anyone who may have similar feelings, and would like to see the rise of autonomous artists/musicians. This is the first real period in time where thanks to computers, and the abundance of powerful software (home digital recording/WYSIWYG website software/MP3s/digital distribution/etc) musicians can truly threaten to compete with major record labels. It's so exciting, and at the same time I'm finding myself hung up before my launch date on the worry of being targeted because I'll be so visible. I want to be able to control my personal digital "empire" so to speak. So before we get technical I guess I would like to state a security goal here. If you were beginning to emerge as a public figure, but didn't yet have abundant resources, how would you protect the privacy of your computer?

Ready to get technical? Alright essentially I'm running XPhome on a DellPC. I've got DSL with a hardware router. My plan is to use the computer to:

(a) record in my digital studio
(b) maintain my own e-commerce website (so I will have to store information about sales, member information etc.)


With these goals in mind here is my plan to protect my PC:

(1) Following reformat & reinstall I will do all the things in the correct order to get my PC up to snuff (install firewall, connect to web, all MSupdates, install AV etc.). Then I'll make full back up with Acronis TI9. And maintain backups on an ongoing basis.
(2)Next I will install a truecrypt user account (anyone familiar with Raccoon's work over at truecrypt forums with TCGINA & TCTEMP will know what I'm mean). On this account I will store all the information I want to keep confidential.
(3) I will install ShadowUser for use with a seperate limited user account. To check all email, test new software, and explore the wild internet I will do so in Shadowmode. I will keep my sessions only as long as I need to, then exit.
(4) I will install Processguard to protect Shadowuser and all other programs from termination etc.

Now I'm really ready for you help because in a few areas I feel lost:

(a) Can you recommend a good firewall? I like the idea of a rules based firewall that I can tweak. Is it true you can restrict all IPs but the ones you designate in either direction? Is there a comprehensive guide to firewalls for someone who wants to move a step beyond average?

(b) Can you recommend a privacy service? Remember I'm mainly worried about targeted attacks. Physical attacks on my PC aren't feasible, so the only two attack vectors I can think of for a targeted attack are via email, and via direct attack attempts on my connected PC. From what I understand, an attacker has to know your IP to launch that kind of attack. I would like to keep my IP secret from everyone, even my webhosting service. Is this possible? I'm dying to know the answer to this question.

(c) When you consider this security arrangement, do any vulnerabilities come to mind?

Thankyou in advance for you help. The sooner I can put together a system, the soooner I can move forward.

 

Hello,
Have you considered Linux?
Good firewall - Sygate.
Mrk