Step 1: Now we will remove all software groups, to get Centos to a minimum
Step 1.1: Run grouplist to see what software groups that are installed:
yum grouplist
Step 1.2: Remove all groups that are installed EXCEPT “Yum Utilities”
yum groupremove "GroupName"
Step 2: Lets disable unneeded services:
chkconfig anacron off
chkconfig atd off
chkconfig auditd off
chkconfig cpuspeed off
chkconfig kudzu off
chkconfig netfs off
chkconfig ip6tables off
chkconfig smartd off
chkconfig pcscd off
chkconfig cups off
chkconfig mcstrans off
chkconfig nfslock off
chkconfig rpcgssd off
chkconfig rpcidmapd off
chkconfig portmap off
chkconfig nfs off
Step 3.1: Use this command to check what services that are setup to run
chkconfig --list | grep :on
Step 3.2: You should have these services running:
anacron, crond, iptables, irqbalance, kudzu, mcstrans, network, readahead_early, restorecond, sshd, syslog, sysstat, yum-updatesd
Step 4: Lets upgrade Centos to the newest, and install some tools:
yum -y upgrade
yum -y install wget bzip2 unzip zip fileutils gcc gcc-c++ ncurses-devel pam-devel libxml2-devel libxslt-devel
yum -y install binutils autoconf automake libtool zlib lsof man man-pages mlocate quota yum-utils
yum -y install sendmail rsync sysstat vixie-cron bzip2-devel m4 flex byacc wget which
Step 5: Install and syncing NTP time service:
yum -y install ntp
chkconfig --levels 235 ntpd on
ntpdate 0.pool.ntp.org
/etc/init.d/ntpd start
Step 6: Install EPEL Repo, giving access to more software thats not in the Centos base.
(32Bit) rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm
(64Bit) rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-3.noarch.rpm
Step 7: Install RPMForge Repo, giving access to more software thats not in the Centos base.
(32Bit) rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
(64Bit) rpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
Step 8: This will change minimum password lenght to 8, if you want higher minimum lenght, change the number.
sed -i s/PASS_MIN_LEN.*/PASS_MIN_LEN\ 8/ /etc/login.defs
Step 9.1: Changing server hostname:
nano -w /etc/sysconfig/network
Step 9.2: Find HOSTNAME= and change it to etc srv01.maxisecure.com or something else of your choice:
HOSTNAME=s01.yourdomain.com
Step 9.3: Now a reboot:
shutdown -r now