There are many services that can pose problems. It also depends on the underlying operating system that you are using. NIST has a good publication that should help you out on this “Guidelines on Securing Public Web Servers” http://csrc.nist.gov/publications/nistpubs/800-44/sp800-44.pdf I would also recommend that you look into a penetration test for your server. Let me know if you need any more info on pen testing as my company offers these services.
One answer to your second question would be that you can lock down the services better and reduce the risk of a compromise to the system.