Limiting the attack surface
The most important rule of network security is limiting your attack surface. In a nutshell, this means that the less software you have installed and/or the less services you have running, the less it can be used against you. If that wasn't bad enough, in some cases an unpatched flaw in server software could allow a miscreant to use your server to attack someone else. By limiting the number of packages in use on your system, you're lowering the possibility of something bad happening.
This sounds simple enough, and it is, but it's important to keep in mind that this isn't just a matter of installing only what you need. Many Linux distributions ship with software that you may never need to use. This isn't just true for servers either. Even your end-user workstations could have unnecessary services running that would be a treasure trove for an attacker to use. One common example of this is having a Mail Transfer Agent (MTA) running on your system. It's surprising that...
