Why does Debian allow all incoming traffic by default?


I am using Debian and I recently learned that a standard Debian installation allows all 3 types of traffic, especially incoming, by default. I know I can easily use iptables to tighten the rules, but I wanted to know the reasons behind the choice of this default behaviour and whether it makes the system more vulnerable. I tried searching on the Internet but did not get any satisfactory explanation. It will be helpful if anybody knows the answers to my questions or can redirect me to a helpful document.