After 7 years of **IX based development, I find myself in a VERY security conscious environment. I am aware of the basics, but I need come up to speed very quickly on the details of how or why to implement various security features, e.g. how does ssh work. What are the specific holes to watch out for etc., I'm looking more for the lower level mechanics not the "don't surf the web as root" stuff.
If someone could point me to the FAQ for this group and any other recommended reading I sure would appreciate it.