I recently had a hacking attempt on my machine, perpetrated by somebody noticing the open SSH port and trying every possible user/password and combination trick to try and get in. They didn’t succeed, and I only know that because I was able to check the validity of my machine by using an existing set of recorded information to verify my configuration and program data. This is a technique that I’ve distilled down into an article within the System Administration Toolkit series, called Testing System Validity:
Examine methods of storing and later checking the validity of your configuration files. Despite all the security systems you have in place, it is still possible that somebody has accessed your system and changed your configuration or security settings.