Ryan,

Take a look at Bastille Linux - it's great for hardening Red Hat and others -
http://www.bastille-linux.org
There are also some very good papers on hardening Linux:

http://www.enteract.com/~lspitz/linux.html
http://www.sans.org/infosecFAQ/linux/hardening.htm

As for the auditing ....

http://www.sans.org/infosecFAQ/audit/linux_sec.htm
http://www.sans.org/infosecFAQ/audit/audit_list.htm

but using AIDE/Tripwire for file integrity etc. would be the best bet.

TCP wrappers / Xinetd are great for allowing only certain hosts/networks to
connect to your boxen. As for ensuring that hosts are actually who they say
they are, that should be done on your border routers with ingress filtering.
While you're there, do a little egress filtering too. :)

http://www.ietf.org/rfc/rfc2827.txt
http://www.sans.org/infosecFAQ/firewall/egress.htm

That should be enough to get you started.

Scott
