[itstripe]

Re-install the server

On new re-installed server:

1. Change SSH service port to non-default one. 2. Do not allow root user to remotely connect (change sshd config) 3. Create new user which you will be using for administration to login as root. 4. If possible restrict which IP addresses are allowed to connect via SSH using firewall.

[datalus]

I would also add to this to block any password authentication and use SSH keys.

[barrystaes]

I would worry less about this, and more about where did he find the root password and ip. Change other passwords too, like email.