Also, given the possibility of network sniffing, use switched Ethernet hubs wherever possible to isolate traffic (thus minimizing the amount of sniffable information).
CNN: Analysis: Linux security
2.
In addition, you should consider avoiding plaintext-password network services: The POP3, FTP, and Telnet daemons pose a special risk because their passwords pass unencrypted across the open network, sniffable by any nearby machine along the way.