That being said I don't mind problems that are "workable", if I can find the information somewhere and tweak or configure them out of existence at a high level fine but code problems or low level stuff that causes freezes and such and I'll just can it. Truthfully I really don't want a "install and forget" distro, I would like to have to work through some issues and at least learn a bit about the system in the process. I would like to position myself to have some Linux knowledge in case my work would decide to go that route.
I'm looking at them and what I see is somewhat different than what I expected. I expected an OS only with maybe a browser and Open Office or KOffice installed instead I see Skype, Bit Torrent clients, Real Audio, Moneyplex and some other stuff I would never allow on my machines. I don't want or need this stuff. I know I could uninstall the stuff but I like to start clean. I suppose that's my Windows paranoia showing (I run a hardware firewall, not just a NAT router and a software firewall at home) but until I know a system and what it can do I don't want things could cause incidents.
Maybe I should ask "What are the cleanest Linux distros out there?" That I'll find out, I'm digging and learning.
Those "dangerous" applications are just on the drive, and not active unless you run them. DOn't worry about having the software as part of the distro.
You will want to probe your system to see what ports it presents to the world. Not all distros are equal when it comes to security. The most secure, hands down, is BSD.
The primary way to keep a system tight on Linux is to make sure you are using a distro that provides security updates quickly. Once a security bug is found, it is more likely that someone will find a way to exploit it. The second thing to do is to not run network services that you don't need. Having stuff installed is in and of itself nearly zero risk. There are few binaries left on any recent Linux/GNU distro that are setuid or setgid (permissions marking a file to run with higher authority than the invoking task), and what few such binaries there are occur in basic packages (such as the login/password software) that you pretty much have to have.
All the stuff I do to keep my Windows tight, including hardware firewall, antivirus, hostsman hosts file, software firewall, registry fixer, spybot scanner, spyware scanner, rootkit revealer, popup blocker, startup manager, disk defrag, registry defrag, ... I mostly don't have on my Linux. On Linux I just have my shared hardware firewall, the iptables software firewall, a popup resistant browser, and the traditional choice of what services to startup at boot. And where I had to hunt down and separately download and where appropriate pay for the Windows tools, one at a time, all the Linux tools (except of course for the separate hardware firewall) all come in the distribution, with automatic security patch updates.
You can get a good idea of what is included in the SuSE manual by looking at the table of contents for last years SuSE 9.1 Linux Administration Manual, at: SUSE LINUX Administration Guide.