An interesting article about basic Linux security, “hardening a linux server in 10 minutes”, which basically takes the same approach many articles about Windows performance tuning takes; disable services and connections you don’t need. Keep open ports, running services, etc. down to what is required, and you will end up with a much more secure installation.
Installing SuSE Linux (for example) for an end-user pretty much takes this approach with the SuSE Firewall (which is SuSE’s variant of an IPTABLES script), but it’d be nice to see a more fine grained control of this for all types of installations. With desktop and server environments both becoming more complex, it’s easy to get into a “layered frenzy” and have four thousand processes running, only to lose track of who is serving whom.