augustine

One of the first places to start would be to specify that only a specific IP or range can log inot your server via SSH and block all Telnet operations.

Anyone else have any "first things to do" suggestions?

sandman

Take a look here this might help:
http://www.webmasterforums.com/showthread.php?t=1904

Just remember SSH does not make the machine secure even when allow/deny by hosts. To protect the host you should have your network firewalled and allow specific trusted hosts in. If your allowing all ports in but choosing hosts by application, your host is threatened by more then just SSH attacks.