For what it's worth, there's an operational security document on the Tor wiki:
https://trac.torproject.org/projects/tor/wiki/doc/OperationalSecurity
However, that document covers more advanced techniques mostly intended for serious attackers such as government agencies. Others have already mentioned to you the simplest options, which should keep you safe from automated botnet hackers. These include: allow only public key authentication on SSH, use fail2ban or sshguard, update frequently, and don't run anything unnecessary (a torrent client, an HTTP/FTP server).
Some relevant links:
https://help.ubuntu.com/community/SSH/OpenSSH/Keys (if you're only going to read/do one thing, make it this)
https://www.debian.org/doc/manuals/securing-debian-howto/index.en.html#conte...
-Libertas