In my estimation, if nmap shows only port 80 and possibly 443,
you're fairly safe. That leaves a couple of areas for intrusion.
The web server and the scripts on the web server.
OpenACS 3.2.5 has at least one security hole and possibly others.
(My patch helps with that
https://openacs.org/sdm/one-patch.tcl?patch_id=35)
AOLServer 3.2 has one known potential security hole. Upgrading or
patching will take care of that.
However, there are lot more things that can be done to secure your
server. How far you should go probably relates to the sensitivity
of your data and how willing you are to start over if your security
is breached.
