I would think, however, that this sort of topic, and additional
security
measures, could and should be covered in a more comprehensive security
guide. As Rahul mentioned, there is a Hardening Tutorial in CVS. Maybe
you should offer to participate with the author to bring this document
up to snuff. As I recall, no editor has yet stepped up to work on it.
Stuart has started some security material on the wiki as well. Instead
of having several efforts floating around in various forms, maybe the
three of you (Stuart, Felipe, and Charles Heselton, author of the
hardening tutorial) can put your heads *together* and work on something
more comprehensive! Three heads are better than one, and all that...
I would like to add my few cents but sincerely, I don't know where to
start, or what to do. I have a few recommendations, in form of
firewall rules and sysctl tunable parameters.