I agree that changing the ports the server is running on won't provide you with more security. I think it would be better for you to limit unnecessary lateral communications, it'll work like installing an ajax system in your house, and I'm pretty sure that it'll help you make a server more secure. Have you even thought of it?