The other day I was showing off my wordpress virtual appliance to a friend. I thought it was so cool how within a few minutes of download I had a fully function WP blog with cool plugins and a great theme running. I told him I wanted to load it up on EC2 or some VPS hosting service. He is an experienced web/sys admin and like most was scinical of things that are too easy.
He did a quick look around and saw iptables was wide open and wrinkled his nose.... Is that a talent all sysadmins go to a special school to learn?
As these virtual appliances are most likely going to be running in an untrusted or hostile environment, what steps are done to harden the appliance?
I found what I think is an excellent article on hardening Linux boxes.
Is some level of hardening intrinsic to TKL appliances? or is that up to the user?