Michelle, contact
http://www.admingeekz.com/ - main man there is Scott, they have done work for us on security analysis and prevention, and are quick, cheapish and very, very, very good. They will find all your server holes and if needed patch them. They will need root ssh to the server.