As an aside that is hopefully not too OT, one of the boxes here was cracked once. It was all because of a simple (human) error. POP3/FTP passwords are sent plaintext, and so the system was configured to have different passwords for POP3/FTP from the system accounts. Unfortunately, due to laziness, I suppose, one of the admins set their password to be the same for both and later logged in from home to check their mail.

A few days later, our box was cracked with an off-the-shelf "root kit". Even though we were using SSH, they were able to "sniff" the POP3 password over their cable modem and then log in using SSH, use SUDO, and have their way with our system.

Thankfully the 'haX0r' only ran some sort of IRC bot or relay program and didn't do any real damage.

Always make sure that your POP3 and FTP passwords are not the same as your SSH login! Especially for users with 'sudo' access!