this is a general hardening that i used to apply on my server
1. securing /tmp partition
dd if=/dev/zero of=/opt/tmpMnt bs=1024 count=5120002. use secure password
mke2fs /opt/tmpMnt
mkdir /tmp.bak
mv /tmp/* /tmp.bak/ (verify that dot-files are also moved)
mount -o loop,noexec,nosuid,rw /opt/tmpMnt /tmp
mv /tmp.bak/* /tmp/ (again, very that dot-files are also moved)
rm -rf /tmp.bak
chmod 1777 /tmp
vi /etc/fstab (add: /opt/tmpMnt /tmp ext2 loop,nosuid,noexec,rw 0 0)
use utilities like http://strongpasswordgenerator.com/ to have a strong password for your server
you can also use other tool with the same similarities
write down your password and make sure u are the only person that know about this document
if possible password protected your document as well
3. monitor your server by using hids and logwatch
4. move this binaries to other secure location
wget, lwp-download, ssh, scp, curl
5. modified your /etc/host file
declare "search.cpan.org" as "0.0.0.0" in /etc/host
most hacker get all of their stuff their need here
6. monitor outgoing connection on your server using iptables
7. remove all development packages and test your server for the newest local exploit
PS:
if you have a webserver running on your server
disable function like ("passthru","exec","shell_exec","system","popen") in php.ini
and install mod_security



