Re: Hardening CentOS

I recommend closing as much ports as possible.
E.g.: If you need to ssh to the machine, allow port 22 only from known, trusted IPs and subnets.

There are so many things you have to pay attention to, like patch management etc. that it would be best to use the NSA hardening guide or things like that.