The O'Reilly Linux Server Security book's a good read if you have at least a little Unix admin/user experience. It reiterates a lot of the good advice that's been covered on the list about securing SSH by running on a non-standard port, only allowing key-based auth and then only for a limited subset of users/groups.
They also cover bastion firewalling. Essentially, for anything internet-facing (or security-sensitive), even if behind another firewall, it's good practice to firewall to the hilt. The more layers the better.
Secure your OS. Secure your apps. Secure your network. A lot of it's just common sense. Unless your full-time job is nothing but security and you can track all the current vulnerabilities and infer where the next ones will be, just assume everything's a risk and lock down/remove everything you don't absolutely require to mitigate the likelihood of getting owned.
Link-wise, I'd say the more you read the better.
http://www.google.co.uk/search?hl=en&q=hardening+linux&btnG=Search&a...
http://www.google.co.uk/search?hl=en&q=hardening+redhat&btnG=Search&...
Start with those. :)
Bear in mind, if you're messing with stuff you're not sure about, use a test machine/have backups/make sure you can reinstall from scratch if you break something or get burned somehow.
Will.
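The three SSH points in the post above (non-standard port, key-based auth only, a restricted set of users/groups) can be checked mechanically. The following is an added example, not part of the original thread or the book: a small auditor for `sshd_config` text, where the sample configs, the port value and the group name `sshusers` are constructed for illustration.

```python
# Added example: audit sshd_config text for the three points in the post above.
# Assumptions: Include files are not followed, and parsing stops at the first
# Match block, so only global settings are judged.
DEFAULTS = {"passwordauthentication": "yes", "kbdinteractiveauthentication": "yes"}
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

# Constructed sample inputs (not taken from any real host).
SAMPLE_WEAK = "# stock-like config\nPasswordAuthentication yes\n"
SAMPLE_HARDENED = ("Port 22022\nPasswordAuthentication no\n"
                   "KbdInteractiveAuthentication no\nAllowGroups sshusers\n")


def parse_sshd_config(text):
    """Return (ports, settings, allow-lists) parsed from sshd_config text."""
    ports, settings, allow = [], {}, {"allowusers": [], "allowgroups": []}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split()  # tolerate keyword=value
        key = ALIASES.get(parts[0].lower(), parts[0].lower())
        args = parts[1:]
        if key == "match":
            break  # conditional blocks are out of scope for this check
        if key == "port" and args:
            ports.append(int(args[0]))  # Port may be given more than once
        elif key in allow:
            allow[key].extend(args)
        elif args:
            settings.setdefault(key, args[0].lower())  # first value wins in sshd
    return ports or [22], settings, allow  # sshd listens on 22 if Port is unset


def audit(text):
    """Return a list of findings; an empty list means all three checks pass."""
    ports, settings, allow = parse_sshd_config(text)
    cfg = {**DEFAULTS, **settings}
    findings = []
    if 22 in ports:
        findings.append("listening on default port 22")
    for key in DEFAULTS:
        if cfg[key] != "no":
            findings.append(f"{key} is not 'no': password-style logins possible")
    if not allow["allowusers"] and not allow["allowgroups"]:
        findings.append("no AllowUsers/AllowGroups: any account may attempt login")
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        print(name, audit(cfg) or "OK")
```

On a real host, `sshd -T` prints the effective configuration, which is a better input than the raw file when Include or Match directives are in use.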
Thanks Will. One thing I have always done with SSH is run it on a non-default port. It's funny, I left it on 22 once and watched the log reports every morning in my email for a few days and the amount of people trying to login as the root user was amazing... the report was 40-50 lines longer than normal just from all the attempts... I then chose a port over 10000 as they say most port scanners usually scan ports 1-10000. Once I did that I have not seen one attempt to try and access root through SSH or any user for that matter. Good tip though... =)
And yeah I always have a test machine for breaking stuff on... I think that's how I have learnt most of what I know about Linux is breaking it and re-installing it many many times ;)
Thanks for the info, very much appreciated... Gonna check out eBay for that book and check out those links so I have some reading to do.. thanks again!
James