See also Static IP Address

This is generally for slim server installations.

HowTo: https://www.howtoforge.com/tutorial/centos-7-minimal-server/

Unneeded Services: http://www.tecmint.com/remove-unwanted-services-in-centos-7/

Release Notes: http://wiki.centos.org/Manuals/ReleaseNotes/

Use netinstall method for Xen paravirtualized installs.

Netinstall URLs:

http://mirrors.easynews.com/linux/centos/6/os/i386/

http://mirrors.easynews.com/linux/centos/6/os/x86_64/

ISOs:

http://mirrors.easynews.com/linux/centos/6/isos/

• Use netinstall or CD#1
• Use text-mode installer
• De-select all packages
  • Hold down - key
• Select “customize package selection”
• De-select all packages
  • Hold down - key

Install some important packages after the install:

yum install openssh-server perl crontabs vixie-cron which wget vim-enhanced bind-utils \
setuptool system-config-network-tui system-config-firewall-tui system-config-securitylevel-tui

Enable the cron daemon:

chkconfig crond on
service crond start

Update and reboot the new system:

yum update -y
reboot

Important note: During a netinstall of the latest Centos 5.9, these instructions don't install yum. BE SURE TO SELECT YUM TO BE INSTALLED.

Also consider selecting openssh-server, especially if you are installing remotely.

http://www.owlriver.com/tips/tiny-centos/

http://codeghar.wordpress.com/2007/11/28/centos-5-post-install-customization/

1. Boot to CD 1
2. Type in “linux text” to get the text installation setup
3. Proceed normally with the installation until it asks which packages to install
4. Deselect all of the packages and then click on the “customize package selection” check box
5. Hold down the “-” key, which scrolls through all of the package options, and deselects them all
6. Finish the install
7. Do a “yum update” to get latest
8. Do a “yum install <package>” for what ever packages needed but not installed during installation.

Install some important packages after the install (adjust as necessary):

yum install openssh-server perl crontabs vixie-cron wget which vim-enhanced bind-utils
chkconfig crond on
service crond start

echo "Administration Tools
Authoring and Publishing
Beagle
Cluster Storage
Clustering
Development Libraries
Development Tools
Emacs
Engineering and Scientific
FreeNX and NX
GNOME Desktop Environment
GNOME Software Development
Games and Entertainment
Graphical Internet
Graphics
Horde
Java
Java Development
KDE (K Desktop Environment)
KDE Software Development
KVM
Legacy Software Development
Legacy Software Support
Mono
Office/Productivity
OpenFabrics Enterprise Distribution
PostgreSQL Database
Printing Support
Ruby
Sound and Video
Tomboy
Windows File Server
X Software Development
X Window System
XFCE-4.4" | while read group; do yum -y groupremove "$group"; done

pkg="xorg-x11-libs xorg-x11-Mesa-libGL libtiff up2date system-config-mouse bind-utils \
bind-libs ypbind yp-tools htmlview pinfo ppp rp-pppoe wvdial redhat-lsb mdadm portmap \
nfs-utils irda-utils isdn4k-utils pcmcia-cs NetworkManager pam_smb dos2unix samba-common \
ghostscript system-config-printer xorg-x11-xfs xorg-x11-font-utils VFlib2 urw-fonts \
ghostscript-fonts hpijs chkfontpath samba-client ghostscript-fonts libgnomeui \
startup-notification libwnck libbonoboui gnome-python2 usermode-gtk qt arts kdelibs gd pango \
gtk2 xorg-x11-xauth system-config-samba system-config-nfs system-config-services \
system-config-users system-logviewer system-config-date  system-config-printer-gui samba \
gnome-python2-bonobo gnome-python2-canvas gnome-python2-gtkhtml2 system-config-httpd \
system-config-network system-config-packages system-config-lvm tora webalizer libglade2 pygtk2 \
GConf2 gnome-keyring libgnomecanvas gail gtkhtml2 gnome-python2-bonobo gnome-python2-canvas \
gnome-python2-gtkhtml2 pygtk2-libglade system-config-securitylevel system-config-language \
system-config-rootpassword system-config-soundcard gnome-vfs2 libgnome authconfig-gtk \
firstboot gnome-mount gnome-python2-gnomevfs  system-config-display  pirut setroubleshoot \
system-config-kdump gnome-mount metacity notification-daemon gnome-python2-gconf \
gnome-python2-gnomevfs bluez-gnome bluez-utils sabayon notify-python libnotify \
system-config-keyboard gtk2-engines xsri cups-libs xorg-x11-fonts-base gnome-python2-extras \
paps redhat-artwork cups xorg-x11-server-Xnest xorg-x11-server-Xorg sabayon-apply \
xorg-x11-drv-void xorg-x11-drv-evdev xorg-x11-drv-keyboard xorg-x11-drv-vesa rhpxl \
xorg-x11-drv-mouse Deployment_Guide-en-US"

for x in $pkg; do yum remove -y $x; done

yum clean all

http://bkraft.fr/articles/Securing_CentOS_6_installation/

Enable the EPEL Repo, if not already done.

You can use a command similar to this to remove unnecessary services. This may increase security and performance.

for i in rpcbind nfslock lldpad fcoe rpcidmapd; do service $i stop; chkconfig $i off; done

Fail2Ban is a tool to monitor log files and take action against attackers. It uses IPtables firewall commands to block access.