[TriLUG] Advice on securing a Linux Server

[Jeff Ellis]

I'm putting together a CentOS 5 based system that will be directly 
exposed to the internet (to serve a tomcat application).  So far, I've:

- Turned on the software firewall and blocked everything except for port 
8080, another port for the application, and a port for ssh
- Moved sshd to a non-standard port
- Configured ssh to not allow root logins
- Set a root password for mysql (mysql is needed by the app)
- Set strong passwords for all users

Anything else I should do to help secure it?

Jeff