The fairly stock configuration for 4.0 has a number of known problems.
Subscribe to and read mailing lists and newsgroups related to security.
There's a big list of them at
http://www.iss.net/sec_info/maillist.html
Any known security problems have probably already been discussed on
these groups. Check
ftp://ftp.redhat.com/pub/redhat/redhat-4.0/updates/00README.errata
frequently for security-related package updates. Be prepared to update
major security holes ^W^W utilities like sendmail on 24 hours notice.
Of course, the worst problems are the ones that nobody has found yet.
Don't install *anything* that on an Internet-connected machine that is not
*necessary* for what that machine is going to do; you'll be glad you didn't
when the next security hole is discovered in software you aren't running.
This is especially important with distributions like RedHat, which
usually installs packages with less than minimal external access enabled.
-- Zygo Blaxell. Unix/soft/hardware/firewall/security guru. 10th place, ACM Intl Prog Contest, 1995. Admin Linux+Solaris for food, Tshirts, anime. Pager: 1613 7608572. "I gave up $1000 to avoid working on windoze... *sigh*"-Amy Fong. "smb is a microsoft toy, like a "child" protocol that never matured"-S Boisjoli.