A friend of mine has had problems with spammers on his CentOS box in NY. I went in a while back and, if I remember right, "broke" the PHP forms that they were using to use spam.
Now he's having problems installing stuff (stuff that works fine on other CentOS boxes of the same version), and I suspect that someone has gotten in and just totally screwed up things on purpose. I am going offer to rebuild everything, but I really want to help make things "spammer proof" for him before he puts it up. But I'm not really sure where exactly to start. I could start with some of the obvious things, but I was hoping for some sort of checklist that I could go through I remember seeing some NSA hardening HOWTOs, but a lot of that is overkill. I'm googling for something comprehensive, but not *that* comprehensive...
