We can't honestly say Linux firewalls aren't able to be penetrated, because they depend on the quality of your rules...
If you do put all the services in the 1 box, make sure you have at least logged everything on your cable for at least 2 weeks.
Then, you will have some idea what you should keep out...
I would personally recycle that old box and put a front line firewall on it, eg
Smoothwall, to add an extra layer of protection...
while you read up on
iptables firewalling...