Security is process,not a permanent state. once you've taken the initial steps to secure your box,you must engage in regular maintenance to ensure that box continue to remain secure. To ensure continue security,regular do the following:
> Keep current with patches:- Keep current with your distribution's security updates and patch on a regular basis.
>Monitor Log files:- Logfiles should be monitored regularly for anomalous events. Monitoring with automated tools is acceptable provided you do a regularly manual audit of log files as well.
>Audit password strength:- Run a password auditing tool such as jhon ripper every month or so to check for insecure password.
>Check your binaries:- Regularly scan your system for trojaned or otherwise altered binaries using both an integrity checker ,and trojan scanner.
>Check for remote vulnerability:- Periodically run a current vulnerability scanner against your machine from another box, preferably one outside of your firewall.
