The first step to securing Debian is to gather all the requirements. This section guides on how to gather the necessary requirements to build a secure specifications and processes.
The first question should be the deployment purpose. To put it bluntly, it is:
What do you want the system for?
This can decide what types of threats can occur for the system. Example:
Doing this also helps to identify the list of required software. This includes deactivating/uninstalling unneeded services, and adding firewall-like filters, or tcpwrappers. Also, it permits and helps you to harden the listed of required software easily.
Since the purpose is defined, you can determine the number of system users and limit their permissions accordingly.
With requirements, one can also determine the list of necessary monitoring and probing tools for ensuring the system is carefully and is safely monitored.
That's all for requirements gathering to secure Debian.