That is
very helpful, thank you.
I can do some of the stuff you mention (windows firewall is now on!) but I think I'll open a ticket for the rest.
Edit: I've just run shields up again with windows firewall turned on, and all ports are now stealthed - much better.
One thing - shields up reports that my
Dedicated Server is responding to ping requests from anywhere on the internet - can I block this with Windows Firewall? Should I?