Try typing /sbin/ifconfig -- generally /sbin isn't in the path of a non root user.
Why do you think you've been broken into? Are you certain it's not because of some network/software failure that people can't access the machine from the Internet?
If you really suspect a compromise you need to
immediately disconnect the server from the network. That machine is a danger to you and others if someone else has full control over it. Once you have it off the net, try running a tool such as chkrootkit on it. You can find chkrootkit at
http://www.chkrootkit.org . You should use the binaries (ls, netstat, etc.) off of your distro's rescue CD or some other trusted source since the attacker may well have replaced the versions on your systems with ones that will cover his tracks.
Ultimately, if you've been cracked, you'll need to reinstall the operating system and apply all your distro's security patches before reconnecting the machine to the Internet.
But let me ask again, are you certain it's a compromise or just something wrong on your end? There's no need to rush off in a panic, but you DO need to investigate this. One good thing to look for are any user accounts besides root with a UID of 0 -- such accounts have root privileges. Also look for new user accounts that you did not create (your distro came with a number of system accounts like bin, daemon, etc. created by default -- these are OK). If you see any extra UID 0 accounts or any account you did not create that can and has been logged into, you have been compromised. Oh, and use the last command to see who has been logging in.