Minimize network services

Disable any unnecessary network services.

If there are network daemons that must run on the system but are only accessed over the loopback interface, such as a local SMTP server for relaying email messages, configure them so that they are not accessible to external clients.

Use firewall software to ensure that only the minimum number of ports are exposed to external systems.

When possible, configure services to run as a non-root user with as few rights as possible.