few things what always help. make sure you have atleast all services you run the most up2date version. have them constantly watched by loggers. make sure those logs files get not deleted (even if person get root ;-) ). but this is just handy when you got hacked and you need to find out who did it. also handy is put some firewall (prefered cisco with extreme good configuration) in front of it so you are sure only allowed persons can get on it.
next to all of this passwords are the weakest point of many security things. just make sure that with password guessign people do nto get in (you get now all script kiddies and more wannabe hackers ;-) ). the others use buffer over flow et problems in programs. you can limit this by making sure they get a time out to the server. (ip rejected by firewall).
just a few ideas