The mantra that most system users and administrators will use when it comes to security, is that there is no hack proof computer. It's a universally accepted idea, all we can do is try our best to keep our web servers only running the processes that we intend. In this section of my site, I will try to keep a list of things that I do on my Linux server to keep it secure.
This is something even I cringe at, but it's true. If you're familiar with the processes and file system on your server, you're better equipped to prevent and detect break-ins.
Linux computers come with a series of programs like wget, lynx, links, rpc, and scp, that allow you download and move files between computers. For an extra measure of security you can make sure that only root can access these files by doing a chmod 750 on them. You will usually find these programs in the /bin or the /usr/bin/ folders.
I find this to be a very reassuring program. It gives you a list of processes that are listening or writing to a sofware port. Programs installed by hackers and crackers will usually use unusual port numbers.
What you may want o do is make a list of processes and the ports used by these, and then write a script that emails you when a connection not found in your list is found. If you don't have the time you may download pmon from R-fx Networks.