Here's a pretty good guide on the most common things you can do to block many of the most commonly exploitable services from entering/leaving your network. "The following 11 sections for this assignment will be demonstrated using a Redhat Linux 6.1 . . .
Here's a pretty good guide on the most common things you can do to block many of the most commonly exploitable services from entering/leaving your network. "The following 11 sections for this assignment will be demonstrated using a Red Hat Linux 6.1 operating system using IPChains as the packet-filtering device. I have made the assumption that eth0 is the external interface. For each section I will begin with a brief explanation why the particular services should be blocked followed by how the services work and how I can block these services using the IPChains rules. I will also try to include some helpful hints I have picked up along the way."

The link for this article located at SANS is no longer available.