If a worm or a person tries to break into your Linux box from afar, or not so afar, iptables simply turns away and ignores the incoming connection -- the attacker will not know whether a system even exists at the attacked address.If you do not run mail, Web, FTP, or other servers on your Linux system, you will probably never need to modify iptables' default settings.