When root or sudoers access the server, you will be informed. It will also alert you when crackers gain rights of your server.
Add the following to the top of the file /root/.bashrc or sudoer's account and you will be informed by email when the root or sudoer account is being accessed.
echo -e "Root Shell Access on `tty` \n `w`" | mail -s "Alert: Root Access" email@example.com
echo -e "Sudoer Shell Access on `tty` \n `w`" | mail -s "Alert: Sudoer Access" firstname.lastname@example.org
The official port of SSH is 22. You can change it to any port that between 1024 and 65535. You can do it at the router or firewall and you can do it at the configure file of SSH at /etc/ssh/sshd_config. You are recommended to disable the root account login via SSH even you are using Ubuntu.
Port 65535That's all. See you!
sudo /etc/init.d/sshd restart