TrinityOS is a step-by-step, example-driven HOWTO on building a very functional Linux box with strong security in mind. TrinityOS is well known for its strong packet firewall ruleset, Chrooted and Split DNS (v9 and v8), secured Sendmail (8.x), Linux PPTP, Serial consoles and Reverse TELNET, DHCPd, SSHd, UPSes, system performance tuning, the automated TrinityOS-Security implementation scripts, and much more.
The cryptoswap package supports creating an encrypted swap partition when a system boots. This may be necessary on systems that use encrypted filesystems because plaintext secrets may be written to disk when memory is swapped to disk. The project also includes the ability to build a Linux initrd that supports booting with an encrypted root filesystem.