I am no expert at this but have a few comments anyway. Red Hat 9 and many other distros come with an iptables firewall. With iptables it is possible to close a specific port to incoming traffic and yet leave it open to outgoing traffic if that is what you want to do. It is also possible to open a specific port on your network at home while closing it to other networks such as the internet.
I took a course last semmester where we each had to change iptables settings from the command line in Red Hat 7.3. We only spent 2 hours doing that. It was only an introduction to the subject. I need to read up on that before I try that on my Red Hat 9 system at home. For now I just have just been using the "Security Level Program" that is found in the system settings menu. I just chose "medium" security. I have not yet tried to control the ports in a more detailed custom way.
There are several web pages on the internet that will scan my computers ports for me and tell me if any ports are open to hackers on the Internet. One such web page is this:
http://grc.com
When you go to the web page click on "Shields Up." It will check your ports for you. The web page is mainly for Windows users but I assume what it is checking would be valid for Linux too.
If you have a network with a Cisco router in it (or something similar) it is also possible to use extended access control lists to control what ports are open to whom in a way that seems to be very similar to iptables.