I have been wanting to make my computer more secure lately, and have been wondering a few things about security. I use a cable modem, and am running windows 2000, and i also use IIS for some web development. So here goes the questions:

1) Firewall -- What is a good firewall to use? I don't want to use Zone Alarm because that always screws up IIS for some reason. Does anyone know of any good firewalls that would work good with running a very small website (mainly just for me) off of IIS? The files for the website are on a seperate NTFS partition.

2) Encryption -- Say I want to make sure that no one can get to some certain files, maybe source code or something. Well say that they get past the firewall or whatever, what would be a good way to encrypt my files so that even if they got to thm they could not use them? Or is there a way that I can hide them so that they won't even know that they are there? Is the encryption that you can do on a NTFS partition good?

3) Just how much can a hacker do -- If a hacker gets into my comp, can they really change flash BIOS settings, or format a hard drive, or delete or take any file that they want? How would they get through? Is there anything else i should do besides a firewall, and encrtpy/hide files and of course anti-virus software ?

-- Thanks a lot!