Can hackers exploite port 21,25,80,110?

We’re sitting behind a Netscreen firewall with 4 ports open for services (21 FTP,25 MAIL,80 HTTP and 110 POP3). All servers have virtual IP. Is it possible for hackers to enter our network through those ports, and if yes, is there a way to find out or to stop them?
Thanks.