One of our servers was just infected by Trojan.Agent.Linux.A (see https://www.virustotal.com/en/file/ca22002822b27562971b1b12bfd61f2f670554ebdb0907270fda4a65f7fd2eed/analysis/1448647113/). I am planning to re-image a new server, this time using anti-virus software from the beginning. In addition, we'll take other general purpose security precautions like doing a security review of our code and IT settings.
However, I would like to know exactly how they were able to break into my server so that I can be sure my general purpose precautions will prevent this specific attack from happening in the future since we were already hit once. I searched around for advice about hardening your server to defend against this attack in particular but could not find anything.
Can anyone provide any pointers or advice?