LinuxQuestions.org


NSKL 11-02-2002 11:45 AM

Security in general
 
A properly configured Linux system should be fairly secure, but I still have some newbie questions.
If I have all my ports closed (as reported by Nmap), can someone still connect to my box?
If I have an nfsd or ftpd running, and denied connections to everyone (ALL:ALL) in hosts.deny and granted permission only to computers on my local network (FTPD: IPADRESS-OF-LOCAL-BOXES) in hosts.allow,
is this safe?
I also have IPTables set up for NAT, connection sharing between two boxes.
Thanks in advance!

unSpawn 11-02-2002 01:02 PM

1. Ask yourself what "connecting to a box" means. What do you need server-side to be able to connect to a port? An open port. What is an open port? A port that allows receiving traffic. Why does it allow receiving traffic? Because server-side there is an application which is listening on that port. What if I have a daemon running and the port registers as closed? Then there's no daemon listening, or it's firewalled. What if I have a daemon running and the port registers as filtered? Then it's firewalled. If a port is open, but is marked as filtered in nmap, can I connect to it? No. Are there any other ways to still be able to connect to a filtered port? Try reading something that includes the phrase "trusted hosts".

2. Safe considering what? If your ftpd has no built-in mechanisms to allow/deny hosts/ranges access then, yes if it has TCP Wrappers support or is run through xinetd then it is your only option besides proper firewalling. Remember you don't have to worry about the world being able to connect to your box, but now you have to worry about who connects to you from those allowed hosts :-]
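
The following is an added example, not part of either post: a small Python model of the TCP Wrappers lookup order from hosts_access(5) (hosts.allow first, then hosts.deny, otherwise granted), applied to the hosts.deny/hosts.allow setup described in the question. The rule text, the 192.168.0. prefix and the daemon names are constructed assumptions, and only the `ALL`, exact-address, prefix and net/mask pattern forms are handled.

```python
import ipaddress

# Constructed rules mirroring the question; the 192.168.0. prefix and the
# daemon name "ftpd" are assumptions, not values from the thread.
HOSTS_ALLOW = "ftpd: 192.168.0.\n"
HOSTS_DENY = "ALL: ALL\n"

def parse(text):
    """Turn hosts.allow/hosts.deny text into [(daemon_list, client_list)]."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" in line:
            daemons, clients = line.split(":")[:2]  # shell options ignored
            rules.append((daemons.replace(",", " ").split(),
                          clients.replace(",", " ").split()))
    return rules

def client_matches(pattern, ip):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):   # prefix form, e.g. "192.168.0."
        return ip.startswith(pattern)
    if "/" in pattern:          # net/mask form, e.g. 192.168.0.0/255.255.255.0
        return ipaddress.ip_address(ip) in ipaddress.ip_network(pattern, strict=False)
    return pattern == ip

def listed(rules, daemon, ip):
    return any(any(d in ("ALL", daemon) for d in daemons)
               and any(client_matches(c, ip) for c in clients)
               for daemons, clients in rules)

def access(daemon, ip, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """First match wins: hosts.allow, then hosts.deny, otherwise granted."""
    if listed(parse(allow), daemon, ip):
        return "granted"
    if listed(parse(deny), daemon, ip):
        return "denied"
    return "granted"

if __name__ == "__main__":
    for daemon, ip in [("ftpd", "192.168.0.5"), ("ftpd", "203.0.113.9"),
                       ("in.ftpd", "192.168.0.5")]:
        print(f"{daemon:8} {ip:14} {access(daemon, ip)}")
    # Without the ALL: ALL line, unlisted clients fall through to "granted".
    print("no deny file:", access("ftpd", "203.0.113.9", deny=""))
```

The `in.ftpd` case shows why the daemon field has to match the server's actual process name: a mismatched name never hits the allow rule, so the deny-all line locks out the local hosts too.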

