[CentOS] Hardening

Fri May 1 18:03:14 UTC 2009
Ned Slider <ned at unixmail.co.uk>

Stephen John Smoogen wrote:
> On Fri, May 1, 2009 at 10:19 AM, Jason Todd Slack-Moehrle
> <mailinglists at mailnewsrss.com> wrote:
>> Hi All,
>>
>> What tips does everyone have on hardening a CenOS Server that is
>> running web, e-mail, ssh, ftp, mysql, coldfusion and will be
>> processing payments from www?
> 
> NSA hardening guidelines would be a good start. The CIS hardening
> guidelines would be also good. After that you want to look at specific
> hardening guidelines for apache
> 
> 

And we have our very own Wiki guide for hardening SSH:

http://wiki.centos.org/HowTos/Network/SecuringSSH

As for ftp - disable it IMHO :)