securing linux webserver?

sorry to be so noob,

A friend of mine set up a webserver:
http://www.globalgamesearch.com
problem is, he and I have no idea how to go about
securing it;
he started with SuSE Linux 9.1 with Apache 2.0, PHP
4.3.1, and MySQL out of the box and put it up.

about half an hour ago, an intruder broke in, replaced
SSHD with a back door, and pretty much screwed the
system up.

We're going to reinstall the system with minimal
programs, extremely secure permissions and a basic
firewall, but beyond that we have no clue what to do.
Can anyone here please help me out on this?
Thanks in advance for any help.

                
__________________________________
Do you Yahoo!?
Yahoo! Mail - Find what you need with new enhanced search.
http://info.mail.yahoo.com/mail_250
Received on Mar 01 2005