-> You are asking the wrong question.
-> 
-> Even OpenBSD which is touted as secure out of the box
-> has CERT advisories that mention it that come out once 
-> or twice a year.
-> 
-> There are no guarantees against buffer overflow attacks.
-> There are no guarantees against backdoors or Trojans.
-> There is no such thing as a secure system.
-> Security is not a "fire and forget" operation.
-> Security takes constant vigilance, planning, and learning.

I knew that.

-> MagusNet, Inc. firewall rules and configs are constantly 
-> reconfigured based on attack signatures for each day.
-> Every part of my hybrid firewall config is custom and looks
-> nothing like what would come out of any distribution.
-> There is no way *any* vanilla distro could account for 
-> the number and types of attacks I see in a 24 hour 
-> period due to running a Public Proxy.

I would be interested in how to setup this kind of dynamic
custamized firewall.  If you do not mind sharing the 
knowledge.

-> For the record I haven't had any system I personally
-> connected to the Internet get compromised over the
-> last 3 years, that tells me I am due, not that I am
-> better than the crackers.

You are definatelly due. (NOT!) ;-)