Change the default port, disable SSH access for root, disable password access entirely (login with public keys), install fcheck to monitor changed files and hence intrusions. If you have the luxury, remove SSH access entirely from your web server and block everything but ports 80 and 443, and enter via another server behind the same firewall. As a nOOb, I gained quite a lot from following this Hardening Linux Web Servers guide: http://www.freesoftwaremagazine.com/articles/hardening_linux
As a thirty someting non-American, I still have difficulty getting through the quiz. Thank Larry for Alt-X
That's the Call of Kubuntu?
(Please refrain from passing judgement on this, or calling me an idiot) I once dated this girl in another country. She had a boyfriend. I knew about that, but I didn't know him, so played some moral arithmetic to cancel everything out. One day he knocked on my door, having travelled from yet another country to come and find me. And he wasn't a happy camper. The moment I saw his face I knew what had happened. She'd left her email account open. My emails came from a domain registered by me. My home address was in the registration. Not smart at all. But hell can I empathise with this story. People on the Internet are real. Heck, I'm real, and a punch still hurts no matter what the techno-background of the story.