System Hardening
One step to proactively protect your system is to "harden" it. There are a number of things that can be done to harden your system, and many projects out there to help accomplish this task. The basic premise of hardening a system is to make it more secure from the outset. This means doing things like setting up an appropriate user policy; ie. who gets access to what. Chrooting services is also a means of hardening the system. Auditing setuid/setgid binaries and removing unneeded services is also a part of hardening a system. Setting up and maintaining firewall rules are a part of system hardening. Essentially, what you need to do is lock down the system as much as possible.
There are many many different ways to accomplish this task, and a lot of software out there to automate or assist with system hardening. A lot of things involved in system hardening are also covered in other sections, such as Firewall Technology. This section will cover some tools and techniques to assist you in hardening your system, from using sudo to common software packages and how to harden or optimize them for security.
