Security Basics mailing list archives

Protecting a server


From: rapha.ottoni () gmail com
Date: 22 Jan 2009 13:44:28 -0000

Hi guys,

First I would like to apologize for my bad English. Then I want to ask your help to protect one of my servers.
Right now I have a server with a real IP at the edge of my network which runs these services: Nagios on port 5667, ssh on
22, ajp13 on 8009, domain on 80 and http-proxy on 8080. Knowing these services, I would like to ask what kind of attacks
I should expect and what the solutions are to protect it from those attacks.

Recently, it was attacked by a Romanian guy who was able to insert some shell scripts in /var/tmp as user www-data.
I am quite certain that he was using an exploit for apache1. Searching a little on the web I found this site,
http://budacsik.blog.hu/2008/11/23/backdoor_bindtty, that has most of the scripts that he tried to use. Oh, I almost
forgot to say, once he got in as www-data he started an ssh brute-force on my network (luckily, he failed) as well as an
su root brute-force with a dictionary (failed again, since we don't use the root user). At last he tried to open a
backdoor for himself.


Guys, once again I would like to apologize for my English, and thanks for your patience,


grateful,

Raphael Ottoni Santiago Machado de Faria

