This thread has gotten less attention than I anticipated. I have hence written a very detailed blogpost about everything you need to know to thoroughly secure your new Debian Linux server. It describes every step you need to follow to keep your new Debian instance secure right from the start...