If someone breaks into your computer, they may copy their own versions of important system files, like /bin/bash and /bin/ps, that monitor your activities, and allow unauthorised people to log in. in this case the best thing is to simply erase the disk and do a fresh install.
you may also want to check for security updates and install them as they come out.
find / -mount -name \*\ \* -print
netstatprogram and see any mantion of irc, or see some computer listed that you don't know about, you may be in trouble.
the line at the end of inetd.conf often has a reference to linuxconf, which allows remote peope to add users!.. Comment it out!
If you want to be more secure, deactivate telnet, ftp, rexecd, rshd, rlogind as well as the more obsure services. You probably don't need pop or uucp on a clients machine, you may not even need sendmail.