For firewall information, it's a good idea to get to know what the wondrous 'ipchains' can do for you. Standard installations (RH and other RPM based linuxes) have it by default and it can definitely either A: make your system secure on a rule-based system or B: totally lock you inside with no way out (nooooo!)!
Seriously, ipchains, for me, has been a lesson in how ports and protocols work (tcp/udp) for local intranets and internet access.
It does just about everything you can think of from masquerading, filtering, denial, rule-based permission, etc...
In coordinance with ssh (public/private key exchange and 'trusted hosts/users'), you can make a box pretty f'ing secure.
http://www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO.html
http://www.openssh.org
