re: security newby
The first thing to do with a firewall is to deny all incoming traffic.
Once that's been taken care of then decide on which specific types and
sources of incoming traffic to allow. This way you can clear out
offending ip addresses since they'll all be banned with your first
firewall rule. The iptables-howto file has an example of a script in it
that does this you could use, but why not install arno-iptables-firewall
package and configure it accordingly. It can take care of much of this
stuff for you and it can be run on command line if you like too.