Harden Linux

• Install ONLY necessary software
Keep all system and software update
Delete or disable unnecessary user account
Don¡¯t needlessly grant shell access
Never allow network application by default
Run publicly accessible in a chrooted env
Avoid unnecessary SUID access
Configure logging & check logs regularly
Use some security scanner
Understand and use the security features supported by system or applications
Documentation of configure, for future rebuild
Careful with modules