I agree with Jon, learn how to use OS based tools, or get a simple box like a sonicwall firewall and don't worry about learning that stuff. One way to look at this is by using programs that don't get hacked, qmail and djb-dns and two examples of mail servers and dns servers that haven't yet been hack (you should install a dns cache to speed things up on almost any server). Also, i don't know if you are going to use SSH to manage your box, but if you do, make sure you use hosts.allow file for sshd. You don't need 5432 open to anything but localhost for openacs.