What should I check after an unauthorized access?

view full story

http://unix.stackexchange.com – I accidentally left an open port on my router, leaving access to one of my computers via SSH, using a rather insecure password. I noticed because I checked /var/log/auth.log and there is just one entry from the outside. There's no bash history nor anything easily noticeable. What should I check to know my computer is not compromised? (HowTos)