While many Linux hardening measures are straight-forward (strong passwords that meet VT requirements, regular patching, host-based firewalls, etc.) some are not so obvious and may differ (slightly) per Linux distribution or kernel. Here are some resources for hardening Linux systems that we find useful in the ITSO:

     Centos - https://wiki.centos.org/HowTos/OS_Protection
     Ubuntu - https://help.ubuntu.com/community/Security
     Debian - https://www.debian.org/doc/manuals/securing-debian-howto

And also, CIS-CAT runs on Linux systems and can be used to further harden Linux systems. If you don't already have CIS-CAT, email itso@vt.edu to obtain a copy.