System administration

What network precautions should I take after installing Debian on a VPS?

Good evening friends. Please tell me what precautions should be taken after purchasing a vps?
So far, I'm going to do the following: change the ssh port, update installed packages, check for rootkits, close or hang unnecessary ports behind the farewall.
Since I have less than 2 days of experience with linux-like systems, I would like to know what processes are holding: 995, 993, 110, 143, 59938, 111 ports and can they be painlessly closed or redirected to LAN? In addition, please explain why the exim4 mail daemon has as many as 4 ports and is it possible to send mail through only 1?

And in general, I would like to know for the future what security measures should be taken at the very beginning and what should be feared.
Ps I googled the topic about protection, I found articles, but all of them describe the points that I already marked myself. In general, I'm more interested in the issue of ports.
Thank you very much for your responses and participation. May the force be with you =)