Some basic tools to add to that would be last, lastlog, lastb, cat /var/log/secure, top
That is assuming that if your server is compromised, then the intruder hasn't modified those programs to hide their activities (ie, a rootkit)
chkrootkit and rkhunter are some good programs to help detects rootkits, although there are some caveats to look out for in running them. Another good tool is LogWatch which will give you the daily highlights for your log files.
If you're really paranoid and can spend the time setting it up and configuring it, have a look at OSSEC HIDS - I run it on my publicly accessible mail server and it's quite annoying, but I always know when there's something unusual happening...