Centos 6.3/6.4


Setup a custom CentOS 6.X
  Setup a 256MB /boot
  Setup a 2 * physical ram in machine in GB as swap - 8GB minimum
  Setup the rest of the drive as / for root
  No Firewall
  Disable SELinux (because I'm not familiar with it)
  Custom Install with these packages:
    X Windows / Gnome / Editors / Graphical Internet / Text Internet / No Office-Productivity / No Sound-Video / Devel Tools / X Devel Tools / Gnome SW Devel / System Tools


Switched to runlevel 3 (text) by editing /etc/inittab and changing to id:3:initdefault:

Configured VNC (for rare times to use it) by editing /etc/sysconfig/vncservers and adding the following lines:
   VNCSERVERS="1:root"
   VNCSERVERARGS[1]="-geometry 800x600 -nolisten tcp -localhost"

Ran vncpasswd to set a root vncpassword

Ran /etc/rc.d/init.d/vncserver start and portforwarded 5901 through SSH

Connecting VNCviewer on my desktop to 127.0.0.1:1

Changed /root/.vnc/xstartup line with twm & to exec gnome-session & to run gnome.

Restarted VNCServer to take effect (/etc/rc.d/init.d/vncserver restart

Ran yum update to install CentOS updates

Installed OpenSSL 1.0.1 (./config shared && make && make test && make install) && (echo /usr/local/lib/ > /etc/ld.so.conf.d/local.conf; echo /usr/local/ssl/lib/ >> /etc/ld.so.conf.d/local.conf; ldconfig -v)

Change /etc/sysconfig/i18n to look like:
  LANG="en_US"
  SUPPORTED="en_US:en"
  SYSFONT="lat0-sun16"
  SYSFONTACM="iso01"

Change /etc/profile to reflect a good default path (My profile is included.)

Logged out and logged back in.

Add ntpdate.sh to /etc/cron.hourly

Make sure networking and the resolv.conf file are correct

Tighten Down the named.conf to local access only
  See the example named.com

Remove unnecessary Programs from Runlevel 3 with chkconfig <service> off.  A good example is to only be left with the following out from 'ls -1 /etc/rc.d/rc3.d/S*'

/etc/rc.d/rc3.d/S10network
/etc/rc.d/rc3.d/S12syslog
/etc/rc.d/rc3.d/S13irqbalance
/etc/rc.d/rc3.d/S55sshd
/etc/rc.d/rc3.d/S56xinetd
/etc/rc.d/rc3.d/S85gpm
/etc/rc.d/rc3.d/S90crond
/etc/rc.d/rc3.d/S95anacron
/etc/rc.d/rc3.d/S95atd
/etc/rc.d/rc3.d/S99local

Disable all unnecessary Xinetd Protocols

edit aliases and send root to kmcgrail@pccc.com
run newaliases

Install Apache (or at least mySQL) per Standard PCCC Install Instructions

PortScan box