CentOS 团员已经发布了 CentOS 6 系列的第三个版本，CentOS 6.3 基于上游的红帽 RHEL 6.3。CentOS 是一个企业级的 Linux 发行版本，CentOS 是 RHEL（Red Hat Enterprise Linux）源代码再编译的产物的免费版，它继承了 Red Hat Linux 的稳定性，而且又提供免费更新。因此，它在IDC中装机量几乎是最大的一个 Linux 发行版。它包含了很多错误修正、升级和新功能。

1、执行优化:
echo 'ulimit -c unlimited' >> /etc/profile
echo 'ulimit -s unlimited' >> /etc/profile
echo 'ulimit -SHn 65535' >> /etc/profile
echo '* hard core 0'>>/etc/security/limits.conf
echo '* hard rss 10000'>>/etc/security/limits.conf
echo '* hard nproc 20'>>/etc/security/limits.conf

2、
vi /etc/sysctl.conf

插入以下：  
net.ipv4.tcp_max_syn_backlog = 65536  
net.core.netdev_max_backlog =  32768  
net.core.somaxconn = 32768  

net.core.wmem_default = 8388608  
net.core.rmem_default = 8388608  
net.core.rmem_max = 16777216  
net.core.wmem_max = 16777216  

net.ipv4.tcp_timestamps = 0  
net.ipv4.tcp_synack_retries = 2  
net.ipv4.tcp_syn_retries = 2  

net.ipv4.tcp_tw_recycle = 1  

net.ipv4.tcp_tw_reuse = 1  
net.ipv4.tcp_syncookies = 1  
net.ipv4.tcp_mem = 94500000 915000000 927000000  
net.ipv4.tcp_max_orphans = 3276800  

net.ipv4.tcp_fin_timeout = 30  
net.ipv4.tcp_keepalive_time = 120  
net.ipv4.ip_local_port_range = 1024 65535  

执行立即生效：/sbin/sysctl -p   

3、
vi /usr/include/bits/typesizes.h

查找SETSIZE 找到  
#define __FD_SETSIZE 1024 改为 65535  

4、修改SSH端口
vi /etc/ssh/sshd_config

Port 22改新端口
PermitEmptyPasswords no
MaxAuthTries 3

重启SSH：/etc/init.d/ssh restart
5、禁止IP伪装
echo 'nospoof on'>>/etc/host.conf