It depends on the hack. Most hacks occur because of insecure passwords or default security settings. If you are hacked, look there first.
A firewall does nothing in these cases but everyone seems to think they are the bee's knee's.
Word of advice, secure the system fully and THEN install a firewall. Don't rely on a firewall and don't expect it to secure a webserver or mailserver. Those services require open ports anyway.