For a quick Linux security you can consider these products:
- iptables : They are complicated and powerful like assembly. The package is usually already installed in most of the distros and there are many simpler wrappers on it.
- ufw: If you are using Ubuntu this is simple and the best option. Wondering why we don't have this in other distros!
- Firewall Builder: is a GUI security management. You might avoid this for small sites/machines.
- Log scanners: They scan different logs (server logs, ssh logs, etc) and look for unsuccessful login attempts and can add those IPs to the ban list. fail2ban, sshguard, denyhosts are examples.
- http://www.lowth.com: LinWiz is a web based tool that can generate iptable rules for you to run as shell script. I like this one.
- modsecurity: Haven't tried this.
- firehol and shorewall: interfaces for iptables that make using it easier. firehol is easier.
- use nmap and netstat for checking ports, etc.
- http://www.rfxn.com/projects/
- http://mynetwatchman.com/