Well for Heaven's sake, I never noticed the little Edit Thread link at the top...
Linux users go through life oblivious to a lot of things too.
If you are going to the trouble of setting up and using your own DNS caching servers, why bother to forward queries to OpenDNS (which by default does DNS redirection for non-existent domains... a non-malicious form of DNS cache poisoning)? You can just configure your DNS server to use the root servers and bypass all upstream servers.
I don't understand why you open with two paragraphs describing a potential problem (as well as tossing an insult at Windows users) and then write profusely about a solution that really doesn't address the issue, i.e. you added a huge amount of plumbing to your house but did nothing to address the chance of dirty water coming from the source.
I've said before that security is a matter of keeping it as simple as possible. Given what you stated (for the remote access portion), you should be using a layer 2 tunnel.
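To make the resolver point above concrete, here is an added unbound configuration (not something from the thread or from the unbound project) showing the forward-everything setup the reply criticizes next to the recursive setup it recommends. File paths and the listening address are assumptions for a typical Linux install; the root hints file is the one published by InterNIC and must be downloaded separately.

```conf
# /etc/unbound/unbound.conf  (constructed example, not from the original post)
server:
    interface: 127.0.0.1          # assumed: only answer local clients
    access-control: 127.0.0.0/8 allow

    # Resolve from the root servers directly instead of trusting an upstream
    # resolver's answers. Path is an assumption; fetch the file from
    # https://www.internic.net/domain/named.root
    root-hints: "/etc/unbound/root.hints"

    # Validate DNSSEC locally. A forwarder that synthesizes answers for
    # non-existent names cannot produce valid signatures for a signed zone,
    # so validation fails closed instead of silently accepting the redirect.
    auto-trust-anchor-file: "/var/lib/unbound/root.key"   # assumed path
    harden-dnssec-stripped: yes
    harden-glue: yes
    harden-referral-path: yes

    # Cache hardening against spoofed responses
    use-caps-for-id: yes          # randomize query-name case (0x20 encoding)
    val-clean-additional: yes

# --- The setup the reply argues against: every query goes to OpenDNS ---
# With this block enabled unbound never talks to the roots, so whatever the
# forwarder returns for a non-existent domain (including an NXDOMAIN
# redirect) lands in the local cache. Left commented out on purpose.
#
# forward-zone:
#     name: "."
#     forward-addr: 208.67.222.222   # OpenDNS public resolver
#     forward-addr: 208.67.220.220   # OpenDNS public resolver
```

After starting the service, a quick sanity check is `dig @127.0.0.1 some-name-that-does-not-exist.example` which should return status NXDOMAIN with no A record; if an address comes back, queries are still being answered by a redirecting upstream.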