A firm called ConfigServer Services is offering a free script that will run a security assessment on many Linux versions. The script goes through the myriad of configuration settings to make sure that the most secure options have been selected. An operating system is no more secure than its settings. A poor job of configuration can make any operating system open to attack.
There are a number of similar services, such as Bastille, that should also be considered. Bastille also works on OS X.