A paper published by the NSA, describes security measures to be taken to keep Macintosh OS X Panther Client safe. The doc is up to date as of October 15th (10.3.5) and covers only the Client.

Of particular interest, though is the paragraph about initial configuration. The NSA gives Apple high marks for the security of the default configuration, including the disabled root, the logging configuration, and disabling of network services by default.

And, they suggest not installing IE.