A few questions about IP and Port information

If you leave the port and IP destination settings on any for anything that conects to the network, despite the firewall monitoring everything, securty will not be 100% as other items can hijack whatever legitimate program is trying to communicate to either the network or your system ?

Where as specificly telling the firewall what item should be using what IP and Port would make the system hacker proof ?
Where it says port and IP destinations, would that mean on the system or are these for whatever server a program is being sent from ?