SInce Ossec HIDS is GNU Public licensed I think this is not a bad idea to include this in the documentation. The referenced article does describe securing Debian with open source tools and I honestly have seen this documentation for the first time tonight and I think it is very high quality. The thing that caught my eye is disabling execution for /tmp. I managed thousands of Debian servers at one time and I often found hacker scripts in ./tmp because of a Wordpress exploit. This is because /tmp is world writable and presumably people who don't know better are unlikely to look for bad scripts there. While I agree pulling third scripts with curl is cringe-worthy I think Ossec HIDS is an exception because it is GNU Public licensed.
Michael Lazin
.. τὸ γὰρ αὐτὸ νοεῖν ἐστίν τε καὶ εἶναι.