Sorry, I will not write such a guide right. now.
The reason is that I believe that GNU/Linux is somehow full of security holes.
The only way to secure a network is probably to:
- Use special hardware or design your own.
- Listen on the network for unwanted connections, with tools like Suricata.
- Monitor file changes and logs very closely.
I don't want to discuss those issues in public, so I prefer not to write such a guide.
Feel free to pick-up those issues, which could be referred in English as "Defense in depth".
Kind regards,