
Misc Securing
Written By: Chris
2008-04-22 18:19:32

 
Password Policy Change


Step 1: This changes the minimum password length to 8. If you want a higher minimum, change the number.

sed -i 's/^PASS_MIN_LEN.*/PASS_MIN_LEN 8/' /etc/login.defs


 



 
Tuning /etc/host.conf


This will help prevent IP spoofing
Step 1: Backup current host.conf

mv /etc/host.conf /etc/host.conf.bak


Step 2: Create new /etc/host.conf

nano -w /etc/host.conf


Step 3: Add this code

order bind,hosts
nospoof on


Step 4: Save, and you're done
 


 
Configure and Enable Process Accounting


This will help prevent IP spoofing
Step 1: Create log file, and set permissions

touch /var/log/pacct
chmod 600 /var/log/pacct


Step 2: Prepare the log, and create a symlink to the log file

sed -i 's/ACCTFILE=\/var\/account\/pacct/ACCTFILE=\/var\/log\/pacct/' /etc/rc.d/init.d/psacct
ln -sf /var/log/pacct /var/account/pacct


Step 3: Turn on the pacct service

chkconfig --level 3 psacct on


Step 4: Enable logrotate for pacct: create /etc/logrotate.d/pacct, and add

/var/log/pacct {
    postrotate
        /usr/sbin/accton /var/log/pacct
    endscript
}


Step 5: Save, and you're done
 


 
Set more restrictive file permissions


Step 1: Change permission on /etc/fstab

chown root:root /etc/fstab
chmod 0644 /etc/fstab


Step 2: Change to a more restrictive system umask

echo 'umask 077' >> /etc/profile
echo 'umask 077' >> /etc/.bash_profile
echo 'umask 077' >> /etc/csh.login


Step 3: Remove read/write/execute access for other users (everyone except the owner and group) from these files

chmod 750 /bin/setserial
chmod 750 /sbin/badblocks
chmod 750 /sbin/ctrlaltdel
chmod 750 /sbin/chkconfig
chmod 750 /sbin/debugfs
chmod 750 /sbin/depmod
chmod 750 /sbin/dump
chmod 750 /sbin/dumpe2fs
chmod 750 /sbin/fdisk
chmod 750 /sbin/fsck
chmod 750 /sbin/fsck.ext2
chmod 750 /sbin/halt
chmod 750 /sbin/hdparm
chmod 750 /sbin/hwclock
chmod 750 /sbin/ifconfig
chmod 750 /sbin/ifdown
chmod 750 /sbin/ifup
chmod 750 /sbin/init
chmod 750 /sbin/insmod
chmod 750 /sbin/killall5
chmod 750 /sbin/mingetty
chmod 750 /sbin/mke2fs
chmod 750 /sbin/mkfs
chmod 750 /sbin/mkfs.ext2
chmod 750 /sbin/mkfs.msdos
chmod 750 /sbin/mkinitrd
chmod 750 /sbin/mkswap
chmod 750 /sbin/modinfo
chmod 750 /sbin/modprobe
chmod 750 /sbin/quotaon
chmod 750 /sbin/restore
chmod 750 /sbin/runlevel
chmod 750 /sbin/swapon
chmod 750 /sbin/tune2fs
chmod 750 /usr/bin/eject
chmod 750 /usr/bin/minicom
chmod 750 /usr/sbin/atd
chmod 750 /usr/sbin/atrun
chmod 750 /usr/sbin/crond
chmod 750 /usr/sbin/edquota
chmod 750 /usr/sbin/groupadd
chmod 750 /usr/sbin/groupdel
chmod 750 /usr/sbin/usernetctl
chmod 750 /usr/sbin/groupmod
chmod 750 /usr/sbin/grpck
chmod 750 /usr/sbin/grpconv
chmod 750 /usr/sbin/grpunconv
chmod 750 /sbin/klogd
chmod 750 /usr/sbin/logrotate
chmod 750 /usr/sbin/newusers
chmod 750 /usr/sbin/vipw
chmod 750 /usr/sbin/ntpdate
chmod 750 /usr/sbin/ntpq
chmod 750 /usr/sbin/ntptime
chmod 750 /usr/sbin/ntptrace
chmod 750 /usr/sbin/ntsysv
chmod 750 /usr/sbin/pwck
chmod 750 /usr/sbin/pwconv
chmod 750 /usr/sbin/pwunconv
chmod 750 /usr/sbin/rdev
chmod 750 /usr/sbin/rpc.rquotad
chmod 750 /usr/sbin/rpcinfo
chmod 750 /sbin/syslogd
chmod 750 /usr/sbin/tcpd
chmod 750 /usr/sbin/tmpwatch
chmod 750 /usr/sbin/tunelp
chmod 750 /usr/sbin/useradd
chmod 750 /usr/sbin/userdel
chmod 750 /usr/sbin/usermod
chmod 750 /usr/sbin/visudo


Step 4: Change permissions on some more files

chmod 2750 /sbin/netreport
chmod 4750 /usr/bin/gpasswd
chmod 4710 /usr/sbin/userhelper
chmod 550 /usr/sbin/quotastats
chmod 550 /usr/sbin/repquota
chmod 400 /etc/crontab
chmod 700 /var/spool/cron
chmod -R go-rwx /etc/cron.allow /etc/cron.deny /etc/cron.d /etc/cron.hourly /etc/cron.daily
chmod -R go-rwx /etc/cron.weekly /etc/cron.monthly


 


 
Making sure LOGS have the right permissions


Step 1: Making sure logs have the right permissions:

cd /var/log
chmod o-rwx boot.log* cron* dmesg ksyms* httpd/* maillog* messages* news/* pgsql rpmpkgs* samba/* sa/* scrollkeeper.log secure* spooler* squid/* vbox/* wtmp
chmod o-rx boot.log* cron* maillog* messages* pgsql secure* spooler* squid/* sa/*
chmod g-w boot.log* cron* dmesg ksyms* httpd/* maillog* messages* pgsql rpmpkgs* samba/* sa/* scrollkeeper.log secure* spooler*
chmod g-rx boot.log* cron* maillog* messages* pgsql secure* spooler*
chmod o-w gdm/ httpd/ news/ samba/ squid/ sa/ vbox/
chmod o-rx httpd/ samba/ squid/ sa/
chmod g-w gdm/ httpd/ news/ samba/ squid/ sa/ vbox/
chmod g-rx httpd/ samba/ sa/
chmod u-x kernel syslog loginlog
chown -R root:root .
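
To confirm that the settings above took effect, the following audit is an added example and not part of the original article. The function names and the root-prefix argument are assumptions for illustration; it checks PASS_MIN_LEN, the nospoof line, and that the pacct and cron paths grant nothing to other users.

```shell
#!/bin/sh
# Added example: audit the settings this page applies.
# audit takes a root prefix (hypothetical parameter) so the checks can run
# against a copy of the tree; call `audit ""` to check the live system.

# Print the active PASS_MIN_LEN value from a login.defs file (0 if unset).
# Comment lines such as "# PASS_MIN_LEN ..." are ignored.
pass_min_len() {
    awk '$1 == "PASS_MIN_LEN" { v = $2 } END { print v + 0 }' "$1"
}

# Succeed only if the host.conf file has an uncommented "nospoof on" line.
has_nospoof() {
    grep -Eq '^[[:space:]]*nospoof[[:space:]]+on[[:space:]]*$' "$1"
}

# Print every given path that still grants any permission to "other".
# Characters 8-10 of the ls mode string are the "other" permission bits.
other_accessible() {
    for f in "$@"; do
        [ -e "$f" ] || continue
        perms=$(ls -ld -- "$f" | cut -c8-10)
        [ "$perms" = "---" ] || printf '%s\n' "$f"
    done
}

# Run all checks under the given root prefix; return non-zero on any failure.
audit() {
    root=$1
    fail=0
    [ "$(pass_min_len "$root/etc/login.defs")" -ge 8 ] ||
        { echo "FAIL PASS_MIN_LEN is below 8"; fail=1; }
    has_nospoof "$root/etc/host.conf" ||
        { echo "FAIL nospoof is not enabled in host.conf"; fail=1; }
    bad=$(other_accessible "$root/var/log/pacct" "$root/etc/crontab" \
        "$root/var/spool/cron")
    if [ -n "$bad" ]; then
        printf '%s\n' "$bad" | sed 's/^/FAIL other-accessible: /'
        fail=1
    fi
    return $fail
}
```
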


 





