13.6. Unix Checklist Overview
Many excellent security checklists exist for the various Unix-based systems. This section provides a simple conceptual overview along with specific general steps that you can take to secure an out-of-the-box installation. The current trend is for more and more vendors to release systems preconfigured to be more secure.
The most important instruction concerning operating system security has to do with network connectivity. In a word, don't. Be sure that a system has as many security controls set as possible (including patches) before connecting it to any type of network that might be possibly compromised. Although implementation is difficult in reality, you can have a dedicated "patch" machine ...